From c9ca2f54e1d9b3ce44334bfd21f412bd7c3ac696 Mon Sep 17 00:00:00 2001 From: Federico Rodriguez Date: Wed, 21 Aug 2024 13:57:10 +0200 Subject: [PATCH 01/11] Fix 4.9.0 changelog (#6933) * Fix 4.9.0 changelog * Remove 6519 reverted pull request --- CHANGELOG.md | 40 +++++++++++++++++++--------------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 27a204130c..316ff94ec3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,50 +8,48 @@ All notable changes to the Wazuh app project will be documented in this file. - Support for Wazuh 4.9.0 - Added AngularJS dependencies [#6145](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6145) -- Added a migration task to setup the configuration using a configuration file [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) - Improve fleet management by adding 'Edit Agent Groups' and 'Upgrade Agents' actions, as well as a filter to show only outdated agents [#6250](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6250) [#6476](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6476) [#6274](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6274) [#6501](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6501) [#6529](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6529) [#6648](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6648) - Added propagation of updates from the table to dashboard visualizations in Endpoints summary [#6460](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6460) [#6737](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6737) - Handle index pattern selector on new discover [#6499](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6499) - Added macOS log collector tab [#6545](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6545) -- Add ability to disable the edition of configuration through API endpoints and UI [#6557](https://github.com/wazuh/wazuh-dashboard-plugins/issues/6557) +- Added ability to disable the edition of configuration through API endpoints and UI [#6557](https://github.com/wazuh/wazuh-dashboard-plugins/issues/6557) - Added journald log collector tab [#6572](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6572) - Added HAProxy helper settings to cluster configuration [#6653](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6653) - Added ability to open the report file or Reporting application from the toast message [#6558](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6558) - Added support for agents to Office 365 [#6558](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6558) - Added pinned agent data validation when rendering the Inventory data, Stats and Configuration tabs in Agent preview of Endpoints Summary [#6800](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6800) - Added wz-link component to make redirections [#6848](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6848) -- Add embedded and customized `dom-to-image-more` dependency [#6902](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6902) +- Added embedded and customized `dom-to-image-more` dependency [#6902](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6902) ### Changed -- Removed embedded discover [#6120](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6120) [#6235](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6235) [#6254](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6254) [#6285](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6285) [#6288](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6288) [#6290](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6290) [#6289](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6289) [#6286](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6286) [#6275](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6275) [#6287](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6287) [#6297](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6297) [#6291](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6287) [#6459](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6459) [#6434](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6434) [#6504](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6504) [#6649](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6649) [#6506](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6506) [#6537](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6537) [#6528](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6528) [#6675](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6675) [#6674](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6674) [#6558](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6558) [#6685](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6685) [#6691](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6691) [#6712](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6712) [#6734](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6734) [#6746](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6746) [#6752](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6752) [#6753](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6753) [#6756](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6756) [#6771](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6771) [#6792](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6792) [#6845](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6845) [#6857](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6857) [#6847](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6847) [#6865](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6865) [#6848](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6848) [#6843](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6843) [#6878](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6878) [#6883](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6883) [#6889](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6889) [#6902](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6902) [#6912](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6912) [#6917](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6917) [#6927](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6927) +- Removed legacy embedded discover [#6120](https://github.com/wazuh/wazuh-dashboard-plugins/issues/6120) - Allow editing groups for an agent from Endpoints Summary [#6250](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6250) -- Change how the configuration is managed in the backend side [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) [#6519](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6519) [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) -- Change the view of API is down and check connection to Server APIs application [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) +- Changed how the configuration is managed in the backend side [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) +- Changed the view of API is down and check connection to Server APIs application [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) - Changed the usage of the endpoint GET /groups/{group_id}/files/{file_name} [#6385](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6385) - Refactoring and redesign endpoints summary visualizations [#6268](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6268) [#6832](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6832) -- Move AngularJS settings controller to ReactJS [#6580](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6580) -- Move AngularJS controller and view for manage groups to ReactJS [#6543](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6543) -- Move AngularJS controllers and views of Tools and Dev Tools to ReactJS [#6544](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6544) -- Move the AngularJS controller and template of blank screen to ReactJS component [#6538](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6538) -- Move AngularJS controller for management to ReactJS component [#6555](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6555) -- Move AngularJS controller for overview to ReactJS component [#6594](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6594) +- Moved AngularJS settings controller to ReactJS [#6580](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6580) +- Moved AngularJS controller and view for manage groups to ReactJS [#6543](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6543) +- Moved AngularJS controllers and views of Tools and Dev Tools to ReactJS [#6544](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6544) +- Moved the AngularJS controller and template of blank screen to ReactJS component [#6538](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6538) +- Moved AngularJS controller for management to ReactJS component [#6555](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6555) +- Moved AngularJS controller for overview to ReactJS component [#6594](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6594) - Moved the registry data to in-memory cache [#6481](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6481) -- Enhance the validation for `enrollment.dns` on App Settings application [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) -- Remove some branding references across the application. [#6155](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6155) -- Move AngularJS controller for the agent view to ReactJS [#6618](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6618) -- Implement new data source feature on MITRE ATT&CK module [#6482](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6482) +- Enhanced the validation for `enrollment.dns` on App Settings application [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) +- Moved AngularJS controller for the agent view to ReactJS [#6618](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6618) +- Implemented new data source feature on MITRE ATT&CK module [#6482](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6482) - Upgraded versions of `follow-redirects` and `es5-ext` [#6626](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6626) - Changed agent log collector socket API response controller component [#6660](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6660) -- Improve margins and paddings in the Events, Inventory and Control tabs [#6708](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6708) +- Improved margins and paddings in the Events, Inventory and Control tabs [#6708](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6708) - Refactored the search bar to correctly handle fixed and user-added filters [#6716](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6716) [#6755](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6755) [#6833](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6833) - Generate URL with predefined filters [#6745](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6745) - Migrated AngularJS routing to ReactJS [#6689](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6689) [#6775](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6775) [#6790](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6790) [#6893](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6893) - Improvement of the filter management system by implementing new standard modules [#6534](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6534) [#6772](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6772) [#6873](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6873) - Changed permalink field in the Events tab table in Virustotal to show an external link [#6839](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6839) - Changed the logging system to use the provided by the platform [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) -- Change the internal control from Endpoint Groups to a control via url. [#6890](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6890) -- Change the internal control from Mitre > intelligence > Table to a control via url. [#6882](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6882) +- Changed the internal control from Endpoint Groups to a control via url. [#6890](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6890) +- Changed the internal control from MITRE ATT&CK > intelligence > Table to a control via url. [#6882](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6882) - Changed the display of rule details flyout to be based on URL [#6886](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6886) ### Fixed @@ -63,7 +61,7 @@ All notable changes to the Wazuh app project will be documented in this file. - Fixed styles in small height viewports [#6747](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6747) - Fixed behavior in Configuration Assessment when changing API [#6770](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6770) - Fixed the fixed maximum width of the clear session button in the ruleset test view [#6871](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6871) -- Fixed the width of the last modification column of the table in Windows Registry [#6876](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6876) +- Fixed the width of the "last modified" column of the table in Windows Registry [#6876](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6876) - Fixed redirection to FIM > Inventory > Files from FIM > Inventory > Windows Registry when switching to non-Windows agent. [#6880](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6880) ### Removed @@ -76,7 +74,7 @@ All notable changes to the Wazuh app project will be documented in this file. - Removed AngularJS service `config-handler` [#6631](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6631) - Removed legacy discover references and methods [#6646](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6646) - Removed custom EuiSuggestItem component in favor of OUI's native component [#6714](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6714) -- Removed API endpoint unused endpoints from creation of old visualisations: GET /elastic/visualizations/{tab}/{pattern} and GET /elastic/visualizations/{tab}/{pattern} [#6782](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6782) +- Removed API endpoint unused endpoints from creation of old visualizations: GET /elastic/visualizations/{tab}/{pattern} and GET /elastic/visualizations/{tab}/{pattern} [#6782](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6782) - Removed `logs.level` setting [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) - Removed the usage of `wazuhapp-plain.log`, `wazuhapp.log`, `wazuh-ui-plain.log` and `wazuh-ui.log` files [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) - Removed the `App logs` application [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) From 40fe7a7decaec9881b1f084f6ef129e282512cd2 Mon Sep 17 00:00:00 2001 From: Federico Rodriguez Date: Wed, 21 Aug 2024 14:54:52 +0200 Subject: [PATCH 02/11] Bump 4.9.0 rev 06 RC1 (#6934) * Bump 4.9.0 revision 06 RC1 * Format --- CHANGELOG.md | 2 +- plugins/main/opensearch_dashboards.json | 2 +- plugins/main/package.json | 2 +- plugins/wazuh-check-updates/opensearch_dashboards.json | 2 +- plugins/wazuh-check-updates/package.json | 2 +- plugins/wazuh-core/opensearch_dashboards.json | 2 +- plugins/wazuh-core/package.json | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 316ff94ec3..82f3ebdc3e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ All notable changes to the Wazuh app project will be documented in this file. -## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 05 +## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 06 ### Added diff --git a/plugins/main/opensearch_dashboards.json b/plugins/main/opensearch_dashboards.json index bd80d9627e..36affcc5f6 100644 --- a/plugins/main/opensearch_dashboards.json +++ b/plugins/main/opensearch_dashboards.json @@ -1,6 +1,6 @@ { "id": "wazuh", - "version": "4.9.0-05", + "version": "4.9.0-06", "opensearchDashboardsVersion": "opensearchDashboards", "configPath": ["wazuh"], "requiredPlugins": [ diff --git a/plugins/main/package.json b/plugins/main/package.json index c25060bb57..2fe1f3edcd 100644 --- a/plugins/main/package.json +++ b/plugins/main/package.json @@ -1,7 +1,7 @@ { "name": "wazuh", "version": "4.9.0", - "revision": "05", + "revision": "06", "pluginPlatform": { "version": "2.13.0" }, diff --git a/plugins/wazuh-check-updates/opensearch_dashboards.json b/plugins/wazuh-check-updates/opensearch_dashboards.json index 2248450d09..a5aba3869e 100644 --- a/plugins/wazuh-check-updates/opensearch_dashboards.json +++ b/plugins/wazuh-check-updates/opensearch_dashboards.json @@ -1,6 +1,6 @@ { "id": "wazuhCheckUpdates", - "version": "4.9.0-05", + "version": "4.9.0-06", "opensearchDashboardsVersion": "opensearchDashboards", "server": true, "ui": true, diff --git a/plugins/wazuh-check-updates/package.json b/plugins/wazuh-check-updates/package.json index 13301b2265..d4b88c3dff 100644 --- a/plugins/wazuh-check-updates/package.json +++ b/plugins/wazuh-check-updates/package.json @@ -1,7 +1,7 @@ { "name": "wazuh-check-updates", "version": "4.9.0", - "revision": "05", + "revision": "06", "pluginPlatform": { "version": "2.13.0" }, diff --git a/plugins/wazuh-core/opensearch_dashboards.json b/plugins/wazuh-core/opensearch_dashboards.json index f0a467eb07..b66f983eb8 100644 --- a/plugins/wazuh-core/opensearch_dashboards.json +++ b/plugins/wazuh-core/opensearch_dashboards.json @@ -1,6 +1,6 @@ { "id": "wazuhCore", - "version": "4.9.0-05", + "version": "4.9.0-06", "opensearchDashboardsVersion": "opensearchDashboards", "server": true, "ui": true, diff --git a/plugins/wazuh-core/package.json b/plugins/wazuh-core/package.json index bb512113bc..8362430b63 100644 --- a/plugins/wazuh-core/package.json +++ b/plugins/wazuh-core/package.json @@ -1,7 +1,7 @@ { "name": "wazuh-core", "version": "4.9.0", - "revision": "05", + "revision": "06", "pluginPlatform": { "version": "2.13.0" }, From 8cd576fbdea76b99d93180884d8636e2c0181533 Mon Sep 17 00:00:00 2001 From: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Date: Wed, 21 Aug 2024 15:27:29 +0200 Subject: [PATCH 03/11] Compatibility with Opensearch Dashboard 2.16.0 (#6921) * Change 2.13.0 to 2.16.0 for 4.10.0 * Add versions dev.sh * Fix commit --- CHANGELOG.md | 2 +- docker/osd-dev/dev.sh | 12 +++++++++++- plugins/main/package.json | 2 +- .../container/health-check.container.test.tsx | 7 +++++++ plugins/wazuh-check-updates/package.json | 2 +- plugins/wazuh-core/package.json | 2 +- 6 files changed, 22 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e14813af7..f12c6dc95a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ All notable changes to the Wazuh app project will be documented in this file. -## Wazuh v4.10.0 - OpenSearch Dashboards 2.13.0 - Revision 00 +## Wazuh v4.10.0 - OpenSearch Dashboards 2.16.0 - Revision 00 ### Added diff --git a/docker/osd-dev/dev.sh b/docker/osd-dev/dev.sh index 584c467c77..85a2de8554 100755 --- a/docker/osd-dev/dev.sh +++ b/docker/osd-dev/dev.sh @@ -16,7 +16,9 @@ os_versions=( '2.11.1' '2.12.0' '2.13.0' - + '2.14.0' + '2.15.0' + '2.16.0' ) osd_versions=( @@ -35,12 +37,20 @@ osd_versions=( '2.11.1' '2.12.0' '2.13.0' + '2.14.0' + '2.15.0' + '2.16.0' ) wzs_version=( '4.7.0' '4.7.1' '4.7.2' + '4.7.3' + '4.7.4' + '4.7.5' + '4.8.0' + '4.8.1' ) usage() { diff --git a/plugins/main/package.json b/plugins/main/package.json index b7b8f92e15..7643983858 100644 --- a/plugins/main/package.json +++ b/plugins/main/package.json @@ -3,7 +3,7 @@ "version": "4.10.0", "revision": "00", "pluginPlatform": { - "version": "2.13.0" + "version": "2.16.0" }, "description": "Wazuh dashboard", "keywords": [ diff --git a/plugins/main/public/components/health-check/container/health-check.container.test.tsx b/plugins/main/public/components/health-check/container/health-check.container.test.tsx index a8d692b36a..8ef5f8458c 100644 --- a/plugins/main/public/components/health-check/container/health-check.container.test.tsx +++ b/plugins/main/public/components/health-check/container/health-check.container.test.tsx @@ -26,6 +26,13 @@ jest.mock('../../../react-services/navigation-service', () => ({ }, })); +// the jest.mock of @osd/monaco is added due to a problem transcribing the files to run the tests. +// https://github.com/wazuh/wazuh-dashboard-plugins/pull/6921#issuecomment-2298289550 + +jest.mock('@osd/monaco', () => ({ + monaco: {}, +})); + jest.mock('../../../components/common/hooks', () => ({ useAppConfig: () => ({ isReady: true, diff --git a/plugins/wazuh-check-updates/package.json b/plugins/wazuh-check-updates/package.json index e28a70fb81..a40c9f663a 100644 --- a/plugins/wazuh-check-updates/package.json +++ b/plugins/wazuh-check-updates/package.json @@ -3,7 +3,7 @@ "version": "4.10.0", "revision": "00", "pluginPlatform": { - "version": "2.13.0" + "version": "2.16.0" }, "description": "Wazuh Check Updates", "private": true, diff --git a/plugins/wazuh-core/package.json b/plugins/wazuh-core/package.json index 2143f846e1..8abd4f3d30 100644 --- a/plugins/wazuh-core/package.json +++ b/plugins/wazuh-core/package.json @@ -3,7 +3,7 @@ "version": "4.10.0", "revision": "00", "pluginPlatform": { - "version": "2.13.0" + "version": "2.16.0" }, "description": "Wazuh Core", "private": true, From 24a04f0ebe24ffce4f4e1c3291c5776730243300 Mon Sep 17 00:00:00 2001 From: Nicolas Agustin Guevara Pihen <42900763+Tostti@users.noreply.github.com> Date: Wed, 21 Aug 2024 15:54:05 -0300 Subject: [PATCH 04/11] Bump axios version to 1.7.4 (#6919) * Bump axios version to 1.7.4 * Update changelog * fix prettier --- CHANGELOG.md | 4 ++++ plugins/main/package.json | 2 +- plugins/main/yarn.lock | 13 +++++++++++-- plugins/wazuh-check-updates/package.json | 2 +- plugins/wazuh-check-updates/yarn.lock | 18 +++++++++--------- plugins/wazuh-core/package.json | 2 +- plugins/wazuh-core/yarn.lock | 18 +++++++++--------- 7 files changed, 36 insertions(+), 23 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 167b471b74..95f10cbcfb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,10 @@ All notable changes to the Wazuh app project will be documented in this file. - Fixed rendering an active response as disabled when is active [#6901](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6901) - Fixed an error on Dev Tools when using payload properties as arrays [#6908](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6908) +### Changed + +- Upgraded the `axios` dependency to `1.7.4` [#6919](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6919) + ## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 05 ### Added diff --git a/plugins/main/package.json b/plugins/main/package.json index 719f20d8fb..8f1caa6c16 100644 --- a/plugins/main/package.json +++ b/plugins/main/package.json @@ -49,7 +49,7 @@ "knip": "knip --files" }, "dependencies": { - "axios": "^1.6.1", + "axios": "^1.7.4", "dompurify": "^3.1.3", "install": "^0.13.0", "js2xmlparser": "^5.0.0", diff --git a/plugins/main/yarn.lock b/plugins/main/yarn.lock index e188714e22..25b974c820 100644 --- a/plugins/main/yarn.lock +++ b/plugins/main/yarn.lock @@ -924,7 +924,7 @@ available-typed-arrays@^1.0.7: dependencies: possible-typed-array-names "^1.0.0" -axios@^1.4.0, axios@^1.6.1: +axios@^1.4.0: version "1.6.1" resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.1.tgz#76550d644bf0a2d469a01f9244db6753208397d7" integrity sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g== @@ -933,6 +933,15 @@ axios@^1.4.0, axios@^1.6.1: form-data "^4.0.0" proxy-from-env "^1.1.0" +axios@^1.7.4: + version "1.7.4" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.4.tgz#4c8ded1b43683c8dd362973c393f3ede24052aa2" + integrity sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw== + dependencies: + follow-redirects "^1.15.6" + form-data "^4.0.0" + proxy-from-env "^1.1.0" + babylon@^6.9.1: version "6.18.0" resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.18.0.tgz#af2f3b88fa6f5c1e4c634d1a0f8eac4f55b395e3" @@ -2127,7 +2136,7 @@ flatted@^3.1.0: resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.2.7.tgz#609f39207cb614b89d0765b477cb2d437fbf9787" integrity sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ== -follow-redirects@^1.15.0, follow-redirects@^1.15.4: +follow-redirects@^1.15.0, follow-redirects@^1.15.4, follow-redirects@^1.15.6: version "1.15.6" resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b" integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA== diff --git a/plugins/wazuh-check-updates/package.json b/plugins/wazuh-check-updates/package.json index 419ee75a73..39ee8077af 100644 --- a/plugins/wazuh-check-updates/package.json +++ b/plugins/wazuh-check-updates/package.json @@ -20,7 +20,7 @@ "knip": "knip --files" }, "dependencies": { - "axios": "^1.6.1", + "axios": "^1.7.4", "md5": "^2.3.0", "node-cron": "^3.0.2" }, diff --git a/plugins/wazuh-check-updates/yarn.lock b/plugins/wazuh-check-updates/yarn.lock index 34f25b03fc..7e783235dc 100644 --- a/plugins/wazuh-check-updates/yarn.lock +++ b/plugins/wazuh-check-updates/yarn.lock @@ -430,12 +430,12 @@ available-typed-arrays@^1.0.7: dependencies: possible-typed-array-names "^1.0.0" -axios@^1.6.1: - version "1.6.2" - resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.2.tgz#de67d42c755b571d3e698df1b6504cde9b0ee9f2" - integrity sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A== +axios@^1.7.4: + version "1.7.4" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.4.tgz#4c8ded1b43683c8dd362973c393f3ede24052aa2" + integrity sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw== dependencies: - follow-redirects "^1.15.0" + follow-redirects "^1.15.6" form-data "^4.0.0" proxy-from-env "^1.1.0" @@ -1077,10 +1077,10 @@ flatted@^3.2.9: resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.3.1.tgz#21db470729a6734d4997002f439cb308987f567a" integrity sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw== -follow-redirects@^1.15.0: - version "1.15.3" - resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.3.tgz#fe2f3ef2690afce7e82ed0b44db08165b207123a" - integrity sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q== +follow-redirects@^1.15.6: + version "1.15.6" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b" + integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA== for-each@^0.3.3: version "0.3.3" diff --git a/plugins/wazuh-core/package.json b/plugins/wazuh-core/package.json index 322046279a..3d54307e5e 100644 --- a/plugins/wazuh-core/package.json +++ b/plugins/wazuh-core/package.json @@ -20,7 +20,7 @@ "knip": "knip --files" }, "dependencies": { - "axios": "^1.6.1", + "axios": "^1.7.4", "json2csv": "^4.1.2", "jwt-decode": "^3.1.2", "md5": "^2.3.0", diff --git a/plugins/wazuh-core/yarn.lock b/plugins/wazuh-core/yarn.lock index 9d21128e56..d85475c912 100644 --- a/plugins/wazuh-core/yarn.lock +++ b/plugins/wazuh-core/yarn.lock @@ -425,12 +425,12 @@ available-typed-arrays@^1.0.7: dependencies: possible-typed-array-names "^1.0.0" -axios@^1.6.1: - version "1.6.2" - resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.2.tgz#de67d42c755b571d3e698df1b6504cde9b0ee9f2" - integrity sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A== +axios@^1.7.4: + version "1.7.4" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.4.tgz#4c8ded1b43683c8dd362973c393f3ede24052aa2" + integrity sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw== dependencies: - follow-redirects "^1.15.0" + follow-redirects "^1.15.6" form-data "^4.0.0" proxy-from-env "^1.1.0" @@ -1077,10 +1077,10 @@ flatted@^3.2.9: resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.3.1.tgz#21db470729a6734d4997002f439cb308987f567a" integrity sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw== -follow-redirects@^1.15.0: - version "1.15.3" - resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.3.tgz#fe2f3ef2690afce7e82ed0b44db08165b207123a" - integrity sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q== +follow-redirects@^1.15.6: + version "1.15.6" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b" + integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA== for-each@^0.3.3: version "0.3.3" From 977a34716af165d27a2a47463e4d712688c6f0ae Mon Sep 17 00:00:00 2001 From: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Date: Thu, 22 Aug 2024 18:23:42 +0200 Subject: [PATCH 05/11] Change the registration id of the setting application (#6938) * Fix(applications.ts): Change settings id to app-settings * Fix id new menu * Add changelog --- CHANGELOG.md | 4 ++++ plugins/main/public/utils/applications.ts | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f12c6dc95a..90a450bb82 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,10 @@ All notable changes to the Wazuh app project will be documented in this file. - Support for Wazuh 4.10.0 +### Changed + +- Changed the registration id of the Settings application for compatibility with Opensearch Dashboard 2.16.0 [#6938](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6938) + ## Wazuh v4.9.1 - OpenSearch Dashboards 2.13.0 - Revision 00 ### Added diff --git a/plugins/main/public/utils/applications.ts b/plugins/main/public/utils/applications.ts index 46331558ea..2b10d9860a 100644 --- a/plugins/main/public/utils/applications.ts +++ b/plugins/main/public/utils/applications.ts @@ -682,7 +682,7 @@ export const reporting = { export const settings = { category: 'wz-category-server-management', - id: 'settings', + id: 'dashboards-settings', title: i18n.translate('wz-app-settings-title', { defaultMessage: 'Settings', }), From 440473b9921f97cc0ee4fde4346b3188206dc33b Mon Sep 17 00:00:00 2001 From: Antonio <34042064+Desvelao@users.noreply.github.com> Date: Thu, 29 Aug 2024 12:30:00 +0200 Subject: [PATCH 06/11] Change the order of column in Vulnerabilities Detection > Events table (#6949) * change: vulnerabilities detection events table colums order - Add status property to the sample data of vulnerabilities detection alerts to let the render of the expected columns in the vulnerabilities detection > events table * change(changelog): add entry * fix(changelog): pull request reference --- CHANGELOG.md | 1 + .../events/vulnerabilities-columns.tsx | 8 +- .../sample-data/vulnerabilities.js | 4062 ++++++++++++++++- .../lib/modules/vulnerabilities.js | 4062 ++++++++++++++++- 4 files changed, 8003 insertions(+), 130 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 82f3ebdc3e..26c83e141d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -51,6 +51,7 @@ All notable changes to the Wazuh app project will be documented in this file. - Changed the internal control from Endpoint Groups to a control via url. [#6890](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6890) - Changed the internal control from MITRE ATT&CK > intelligence > Table to a control via url. [#6882](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6882) - Changed the display of rule details flyout to be based on URL [#6886](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6886) +- Changed the order of columns on Vulnerabilities Detection > Events table [#6949](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6949) ### Fixed diff --git a/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx b/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx index bff59b03bc..d1ee7ce042 100644 --- a/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx +++ b/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx @@ -9,9 +9,6 @@ export const vulnerabilitiesColumns: tDataGridColumn[] = [ { id: 'agent.name', }, - { - id: 'data.vulnerability.package.name', - }, { id: 'data.vulnerability.cve', }, @@ -19,9 +16,12 @@ export const vulnerabilitiesColumns: tDataGridColumn[] = [ id: 'data.vulnerability.severity', }, { - id: 'data.vulnerability.status', + id: 'data.vulnerability.package.name', }, { id: 'data.vulnerability.package.version', }, + { + id: 'data.vulnerability.status', + }, ]; diff --git a/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js b/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js index a35c4c97fa..a0a217e3e4 100644 --- a/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js +++ b/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js @@ -1,67 +1,4003 @@ // Vulnerability export const data = [ - {"rule":{"level":7,"description":"CVE-2017-18018 affects coreutils","id":"23504","firedtimes":1},"data":{"vulnerability":{"package":{"name":"coreutils","version":"8.28-1ubuntu1","architecture":"amd64","condition":"Package less or equal than 8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"high","availability":"none"},"base_score":"4.700000"}},"cve":"CVE-2017-18018","title":"CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.","severity":"Medium","published":"2018-01-04","updated":"2018-01-19","state":"Fixed","cwe_reference":"CWE-362","references":["http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2017-18018","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html","http://www.openwall.com/lists/oss-security/2018/01/04/3","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects imagemagick","id":"23504","firedtimes":2},"data":{"vulnerability":{"package":{"name":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects libmagickcore-6.q16-3","id":"23504","firedtimes":5},"data":{"vulnerability":{"package":{"name":"libmagickcore-6.q16-3","source":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-18684 affects sudo","id":"23504","firedtimes":87},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.21p2-3ubuntu1.2","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"6.900000"}},"cve":"CVE-2019-18684","title":"** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write \"ALL ALL=(ALL) NOPASSWD:ALL\" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.","severity":"Medium","published":"2019-11-04","updated":"2019-11-08","state":"Fixed","cwe_reference":"CWE-362","references":["https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd","https://nvd.nist.gov/vuln/detail/CVE-2019-18684"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20482 affects tar","id":"23504","firedtimes":88},"data":{"vulnerability":{"package":{"name":"tar","version":"1.29b-2ubuntu0.1","architecture":"amd64","condition":"Package less or equal than 1.30"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.700000"}},"cve":"CVE-2018-20482","title":"CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-835","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377","https://bugzilla.redhat.com/show_bug.cgi?id=1662346"],"references":["http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454","http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html","http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html","http://www.securityfocus.com/bid/106354","https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html","https://news.ycombinator.com/item?id=18745431","https://security.gentoo.org/glsa/201903-05","https://twitter.com/thatcks/status/1076166645708668928","https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug","https://nvd.nist.gov/vuln/detail/CVE-2018-20482","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2015-2987 affects ed","id":"23503","firedtimes":9},"data":{"vulnerability":{"package":{"name":"ed","version":"1.10-2.1","architecture":"amd64","condition":"Package less or equal than 3.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.600000"}},"cve":"CVE-2015-2987","title":"Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.","severity":"Low","published":"2015-08-28","updated":"2015-08-31","state":"Fixed","cwe_reference":"CWE-17","references":["http://jvn.jp/en/jp/JVN91474878/index.html","http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119","http://type74.org/edman5-1.php","http://type74org.blog14.fc2.com/blog-entry-1384.html","https://nvd.nist.gov/vuln/detail/CVE-2015-2987"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-8769 affects elfutils","id":"23505","firedtimes":45},"data":{"vulnerability":{"package":{"name":"elfutils","version":"0.170-0.4ubuntu0.1","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-8769","title":"elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.","severity":"High","published":"2018-03-18","updated":"2019-10-03","state":"Pending confirmation","cwe_reference":"CWE-125","references":["https://sourceware.org/bugzilla/show_bug.cgi?id=22976","https://nvd.nist.gov/vuln/detail/CVE-2018-8769"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects libc-bin","id":"23503","firedtimes":12},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects multiarch-support","id":"23503","firedtimes":17},"data":{"vulnerability":{"package":{"name":"multiarch-support","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects libsqlite3-0","id":"23503","firedtimes":18},"data":{"vulnerability":{"package":{"name":"libsqlite3-0","source":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects sqlite3","id":"23503","firedtimes":19},"data":{"vulnerability":{"package":{"name":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects passwd","id":"23503","firedtimes":21},"data":{"vulnerability":{"package":{"name":"passwd","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1003010 affects git","id":"23504","firedtimes":162},"data":{"vulnerability":{"package":{"name":"git","version":"1:2.17.1-1ubuntu0.7","architecture":"amd64","condition":"Package less or equal than 3.9.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"4.300000"}},"cve":"CVE-2019-1003010","title":"A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.","severity":"Medium","published":"2019-02-06","updated":"2019-04-26","state":"Fixed","cwe_reference":"CWE-352","references":["https://access.redhat.com/errata/RHBA-2019:0326","https://access.redhat.com/errata/RHBA-2019:0327","https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095","https://nvd.nist.gov/vuln/detail/CVE-2019-1003010"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-9366 affects screen","id":"23505","firedtimes":77},"data":{"vulnerability":{"package":{"name":"screen","version":"4.6.2-1ubuntu1","architecture":"amd64","condition":"Package less than 4.8.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2020-9366","title":"A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.","severity":"High","published":"2020-02-24","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-120","references":["http://www.openwall.com/lists/oss-security/2020/02/25/1","https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html","https://security.gentoo.org/glsa/202003-62","https://www.openwall.com/lists/oss-security/2020/02/06/3","https://nvd.nist.gov/vuln/detail/CVE-2020-9366"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-15847 affects gcc","id":"23505","firedtimes":86},"data":{"vulnerability":{"package":{"name":"gcc","source":"gcc-defaults","version":"4:7.4.0-1ubuntu2.3","architecture":"amd64","condition":"Package less than 10.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"7.500000"}},"cve":"CVE-2019-15847","title":"CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.","severity":"High","published":"2019-09-02","updated":"2020-05-26","state":"Fixed","cwe_reference":"CWE-331","bugzilla_references":["https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html","https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481","https://nvd.nist.gov/vuln/detail/CVE-2019-15847","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-14988 affects libopenexr22","id":"23504","firedtimes":189},"data":{"vulnerability":{"package":{"name":"libopenexr22","source":"openexr","version":"2.2.0-11.1ubuntu1.2","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-14988","title":"** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.","severity":"Medium","published":"2017-10-03","updated":"2019-09-23","state":"Pending confirmation","cwe_reference":"CWE-400","references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html","https://github.com/openexr/openexr/issues/248","https://nvd.nist.gov/vuln/detail/CVE-2017-14988"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2","id":"23504","firedtimes":190},"data":{"vulnerability":{"package":{"name":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-bin","id":"23504","firedtimes":191},"data":{"vulnerability":{"package":{"name":"apache2-bin","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-data","id":"23504","firedtimes":192},"data":{"vulnerability":{"package":{"name":"apache2-data","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-utils","id":"23504","firedtimes":193},"data":{"vulnerability":{"package":{"name":"apache2-utils","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-client","id":"23504","firedtimes":197},"data":{"vulnerability":{"package":{"name":"openssh-client","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-server","id":"23504","firedtimes":198},"data":{"vulnerability":{"package":{"name":"openssh-server","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17595 affects ncurses-base","id":"23504","firedtimes":222},"data":{"vulnerability":{"package":{"name":"ncurses-base","source":"ncurses","version":"6.1-1ubuntu1.18.04","architecture":"all","condition":"Package less than 6.1.20191012"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"partial"},"base_score":"5.800000"}},"cve":"CVE-2019-17595","title":"CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.","severity":"Medium","published":"2019-10-14","updated":"2019-12-23","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2019-17595","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17543 affects liblz4-1","id":"23504","firedtimes":244},"data":{"vulnerability":{"package":{"name":"liblz4-1","source":"lz4","version":"0.0~r131-2ubuntu2","architecture":"amd64","condition":"Package less than 1.9.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17543","title":"CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"","severity":"Medium","published":"2019-10-14","updated":"2019-10-24","state":"Fixed","cwe_reference":"CWE-120","bugzilla_references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2","https://github.com/lz4/lz4/issues/801","https://github.com/lz4/lz4/pull/756","https://github.com/lz4/lz4/pull/760","https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E","https://nvd.nist.gov/vuln/detail/CVE-2019-17543","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20217 affects libkrb5-3","id":"23504","firedtimes":254},"data":{"vulnerability":{"package":{"name":"libkrb5-3","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"single","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"3.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.300000"}},"cve":"CVE-2018-20217","title":"CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Unfixed","cwe_reference":"CWE-617","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387","http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763"],"references":["http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763","https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086","https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/","https://security.netapp.com/advisory/ntap-20190416-0006/","https://nvd.nist.gov/vuln/detail/CVE-2018-20217","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-14036 affects accountsservice","id":"23504","firedtimes":256},"data":{"vulnerability":{"package":{"name":"accountsservice","version":"0.6.40-2ubuntu11.3","architecture":"amd64","condition":"Package less than 0.6.50"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"single","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"4"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"6.500000"}},"cve":"CVE-2018-14036","title":"CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.","severity":"Medium","published":"2018-07-13","updated":"2018-09-06","state":"Fixed","cwe_reference":"CWE-22","bugzilla_references":["https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699"],"references":["http://www.openwall.com/lists/oss-security/2018/07/02/2","http://www.securityfocus.com/bid/104757","https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699","https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a","https://nvd.nist.gov/vuln/detail/CVE-2018-14036","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-7244 affects libpcre3","id":"23504","firedtimes":265},"data":{"vulnerability":{"package":{"name":"libpcre3","source":"pcre3","version":"2:8.38-3.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-7244","title":"CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.","severity":"Medium","published":"2017-03-23","updated":"2018-08-17","state":"Unfixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683","https://bugs.exim.org/show_bug.cgi?id=2052","https://bugs.exim.org/show_bug.cgi?id=2054"],"references":["http://www.securityfocus.com/bid/97067","https://access.redhat.com/errata/RHSA-2018:2486","https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/","https://security.gentoo.org/glsa/201710-25","https://nvd.nist.gov/vuln/detail/CVE-2017-7244","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-8631 affects grub-legacy-ec2","id":"23503","firedtimes":32},"data":{"vulnerability":{"package":{"name":"grub-legacy-ec2","source":"cloud-init","version":"19.4-33-gbb4131a2-0ubuntu1~16.04.1","architecture":"all","condition":"Package less or equal than 19.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"}},"cve":"CVE-2020-8631","title":"CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.","severity":"Low","published":"2020-02-05","updated":"2020-02-21","state":"Fixed","cwe_reference":"CWE-330","references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html","https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795","https://github.com/canonical/cloud-init/pull/204","https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html","https://nvd.nist.gov/vuln/detail/CVE-2020-8631","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-20079 affects vim","id":"23505","firedtimes":109},"data":{"vulnerability":{"package":{"name":"vim","version":"2:7.4.1689-3ubuntu1.4","architecture":"amd64","condition":"Package less than 8.1.2136"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2019-20079","title":"The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.","severity":"High","published":"2019-12-30","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-416","references":["https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421","https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136","https://packetstormsecurity.com/files/154898","https://usn.ubuntu.com/4309-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-20079"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-4484 affects cryptsetup","id":"23504","firedtimes":290},"data":{"vulnerability":{"package":{"name":"cryptsetup","version":"2:1.6.6-5ubuntu2.1","architecture":"amd64","condition":"Package less or equal than 2.1.7.3-2"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.800000"}},"cve":"CVE-2016-4484","title":"CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.","severity":"Medium","published":"2017-01-23","updated":"2017-01-26","state":"Fixed","cwe_reference":"CWE-287","bugzilla_references":["https://launchpad.net/bugs/1660701"],"references":["http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html","http://www.openwall.com/lists/oss-security/2016/11/14/13","http://www.openwall.com/lists/oss-security/2016/11/15/1","http://www.openwall.com/lists/oss-security/2016/11/15/4","http://www.openwall.com/lists/oss-security/2016/11/16/6","http://www.securityfocus.com/bid/94315","https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb","https://nvd.nist.gov/vuln/detail/CVE-2016-4484","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-13050 affects gnupg","id":"23505","firedtimes":114},"data":{"vulnerability":{"package":{"name":"gnupg","version":"1.4.20-1ubuntu3.3","architecture":"amd64","condition":"Package less or equal than 2.2.16"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"7.500000"}},"cve":"CVE-2019-13050","title":"CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.","severity":"High","published":"2019-06-29","updated":"2019-07-09","state":"Fixed","cwe_reference":"CWE-297","bugzilla_references":["https://bugs.launchpad.net/bugs/1844059","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050","https://dev.gnupg.org/T4591","https://dev.gnupg.org/T4607","https://dev.gnupg.org/T4628"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html","https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/","https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html","https://support.f5.com/csp/article/K08654551","https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS","https://twitter.com/lambdafu/status/1147162583969009664","https://nvd.nist.gov/vuln/detail/CVE-2019-13050","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects mount","id":"23505","firedtimes":128},"data":{"vulnerability":{"package":{"name":"mount","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects util-linux","id":"23505","firedtimes":129},"data":{"vulnerability":{"package":{"name":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects uuid-runtime","id":"23505","firedtimes":130},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1547 affects libssl1.0.0","id":"23503","firedtimes":35},"data":{"vulnerability":{"package":{"name":"libssl1.0.0","source":"openssl","version":"1.0.2g-1ubuntu4.15","architecture":"amd64","condition":"Package greater or equal than 1.0.2 and less or equal than 1.0.2s"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"1.900000"}},"cve":"CVE-2019-1547","title":"CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-09-10","updated":"2019-09-12","state":"Fixed","cwe_reference":"CWE-311","references":["http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html","http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html","http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html","https://arxiv.org/abs/1909.01785","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a","https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/","https://seclists.org/bugtraq/2019/Oct/0","https://seclists.org/bugtraq/2019/Oct/1","https://seclists.org/bugtraq/2019/Sep/25","https://security.gentoo.org/glsa/201911-04","https://security.netapp.com/advisory/ntap-20190919-0002/","https://security.netapp.com/advisory/ntap-20200122-0002/","https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS","https://www.debian.org/security/2019/dsa-4539","https://www.debian.org/security/2019/dsa-4540","https://www.openssl.org/news/secadv/20190910.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1547","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547","https://usn.ubuntu.com/usn/usn-4376-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-3843 affects systemd","id":"23505","firedtimes":134},"data":{"vulnerability":{"package":{"name":"systemd","version":"229-4ubuntu21.27","architecture":"amd64","condition":"Package less than 242"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"4.600000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2019-3843","title":"It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.","severity":"High","published":"2019-04-26","updated":"2019-06-19","state":"Fixed","cwe_reference":"CWE-264","references":["http://www.securityfocus.com/bid/108116","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/","https://security.netapp.com/advisory/ntap-20190619-0002/","https://usn.ubuntu.com/4269-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-3843"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-11727 affects thunderbird","id":"23504","firedtimes":312},"data":{"vulnerability":{"package":{"name":"thunderbird","version":"1:68.8.0+build2-0ubuntu0.16.04.2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2019-11727","title":"CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.","severity":"Medium","published":"2019-07-23","updated":"2019-07-30","state":"Unfixed","cwe_reference":"CWE-295","bugzilla_references":["https://bugzilla.mozilla.org/show_bug.cgi?id=1552208"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html","https://access.redhat.com/errata/RHSA-2019:1951","https://bugzilla.mozilla.org/show_bug.cgi?id=1552208","https://security.gentoo.org/glsa/201908-12","https://www.mozilla.org/security/advisories/mfsa2019-21/","https://nvd.nist.gov/vuln/detail/CVE-2019-11727","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727","https://usn.ubuntu.com/usn/usn-4054-1","https://usn.ubuntu.com/usn/usn-4060-1","https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-18276 affects bash","id":"23505","firedtimes":158},"data":{"vulnerability":{"package":{"name":"bash","version":"4.3-14ubuntu1.4","architecture":"amd64","condition":"Package less or equal than 5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"}},"cve":"CVE-2019-18276","title":"CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.","severity":"High","published":"2019-11-28","updated":"2020-04-30","state":"Fixed","cwe_reference":"CWE-273","bugzilla_references":["https://bugzilla.suse.com/show_bug.cgi?id=1158028"],"references":["http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html","https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff","https://security.netapp.com/advisory/ntap-20200430-0003/","https://www.youtube.com/watch?v=-wGtxJ8opa8","https://nvd.nist.gov/vuln/detail/CVE-2019-18276","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-9502 affects curl","id":"23504","firedtimes":334},"data":{"vulnerability":{"package":{"name":"curl","version":"7.47.0-1ubuntu2.14","architecture":"amd64","condition":"Package less or equal than 7.54.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"low"},"base_score":"5.300000"}},"cve":"CVE-2017-9502","title":"In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given \"URL\" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string \"file://\").","severity":"Medium","published":"2017-06-14","updated":"2017-07-08","state":"Fixed","cwe_reference":"CWE-119","references":["http://openwall.com/lists/oss-security/2017/06/14/1","http://www.securityfocus.com/bid/99120","http://www.securitytracker.com/id/1038697","https://curl.haxx.se/docs/adv_20170614.html","https://nvd.nist.gov/vuln/detail/CVE-2017-9502"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-20483 affects wget","id":"23505","firedtimes":175},"data":{"vulnerability":{"package":{"name":"wget","version":"1.17.1-1ubuntu1.5","architecture":"amd64","condition":"Package less than 1.20.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-20483","title":"set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.","severity":"High","published":"2018-12-26","updated":"2019-04-09","state":"Fixed","cwe_reference":"CWE-255","references":["http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS","http://www.securityfocus.com/bid/106358","https://access.redhat.com/errata/RHSA-2019:3701","https://security.gentoo.org/glsa/201903-08","https://security.netapp.com/advisory/ntap-20190321-0002/","https://twitter.com/marcan42/status/1077676739877232640","https://usn.ubuntu.com/3943-1/","https://nvd.nist.gov/vuln/detail/CVE-2018-20483"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1010204 affects binutils","id":"23504","firedtimes":369},"data":{"vulnerability":{"package":{"name":"binutils","version":"2.26.1-1ubuntu1~16.04.8","architecture":"amd64","condition":"Package greater or equal than 2.21 and less or equal than 2.31.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2019-1010204","title":"CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.","severity":"Medium","published":"2019-07-23","updated":"2019-08-22","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://sourceware.org/bugzilla/show_bug.cgi?id=23765"],"references":["https://security.netapp.com/advisory/ntap-20190822-0001/","https://sourceware.org/bugzilla/show_bug.cgi?id=23765","https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS","https://nvd.nist.gov/vuln/detail/CVE-2019-1010204","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-14855 affects dirmngr","id":"23504","firedtimes":382},"data":{"vulnerability":{"package":{"name":"dirmngr","source":"gnupg2","version":"2.1.11-6ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-14855","title":"CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.","severity":"Medium","published":"2020-03-20","updated":"2020-03-24","state":"Unfixed","cwe_reference":"CWE-327","bugzilla_references":["https://dev.gnupg.org/T4755"],"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855","https://dev.gnupg.org/T4755","https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html","https://rwc.iacr.org/2020/slides/Leurent.pdf","https://nvd.nist.gov/vuln/detail/CVE-2019-14855","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855","https://eprint.iacr.org/2020/014.pdf"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-5011 affects uuid-runtime","id":"23504","firedtimes":395},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"complete"},"base_score":"4.700000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.300000"}},"cve":"CVE-2016-5011","title":"CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.","severity":"Medium","published":"2017-04-11","updated":"2017-04-17","state":"Unfixed","cwe_reference":"CWE-399","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802","https://bugzilla.redhat.com/show_bug.cgi?id=1349536"],"references":["http://rhn.redhat.com/errata/RHSA-2016-2605.html","http://www.openwall.com/lists/oss-security/2016/07/11/2","http://www.securityfocus.com/bid/91683","http://www.securitytracker.com/id/1036272","http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543","http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801","https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3","https://nvd.nist.gov/vuln/detail/CVE-2016-5011","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2015-5191 affects open-vm-tools","id":"23504","firedtimes":396},"data":{"vulnerability":{"package":{"name":"open-vm-tools","version":"2:10.2.0-3~ubuntu0.16.04.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.700000"}},"cve":"CVE-2015-5191","title":"CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","severity":"Medium","published":"2017-07-28","updated":"2017-08-08","state":"Unfixed","cwe_reference":"CWE-362","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633"],"references":["http://www.securityfocus.com/bid/100011","http://www.securitytracker.com/id/1039013","https://www.vmware.com/security/advisories/VMSA-2017-0013.html","https://nvd.nist.gov/vuln/detail/CVE-2015-5191","http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-8975 affects netpbm","id":"23504","firedtimes":397},"data":{"vulnerability":{"package":{"name":"netpbm","source":"netpbm-free","version":"2:10.0-15.3","architecture":"amd64","condition":"Package less or equal than 10.81.03"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2018-8975","title":"The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.","severity":"Medium","published":"2018-03-25","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-125","references":["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html","https://github.com/xiaoqx/pocs/blob/master/netpbm","https://nvd.nist.gov/vuln/detail/CVE-2018-8975"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-19232 affects sudo","id":"23504","firedtimes":398},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.16-0ubuntu1.9","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-19232","title":"CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.","severity":"Medium","published":"2019-12-19","updated":"2020-01-30","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225"],"references":["http://seclists.org/fulldisclosure/2020/Mar/31","https://access.redhat.com/security/cve/cve-2019-19232","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870","https://security.netapp.com/advisory/ntap-20200103-0004/","https://support.apple.com/en-gb/HT211100","https://support.apple.com/kb/HT211100","https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232","https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506","https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html","https://www.oracle.com/security-alerts/bulletinapr2020.html","https://www.sudo.ws/devel.html#1.8.30b2","https://www.sudo.ws/stable.html","https://www.tenable.com/plugins/nessus/133936","https://nvd.nist.gov/vuln/detail/CVE-2019-19232","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-12588 affects rsyslog","id":"23506","firedtimes":64},"data":{"vulnerability":{"package":{"name":"rsyslog","version":"8.16.0-1ubuntu3.1","architecture":"amd64","condition":"Package less or equal than 8.27.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-12588","title":"The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.","severity":"Critical","published":"2017-08-06","updated":"2017-08-14","state":"Fixed","cwe_reference":"CWE-134","references":["https://github.com/rsyslog/rsyslog/blob/master/ChangeLog","https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b","https://github.com/rsyslog/rsyslog/pull/1565","https://nvd.nist.gov/vuln/detail/CVE-2017-12588"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-18342 affects python3-yaml","id":"23506","firedtimes":65},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.11-3build1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-18342","title":"CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.","severity":"Critical","published":"2018-06-27","updated":"2019-06-24","state":"Unfixed","cwe_reference":"CWE-20","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878"],"references":["https://github.com/marshmallow-code/apispec/issues/278","https://github.com/yaml/pyyaml/blob/master/CHANGES","https://github.com/yaml/pyyaml/issues/193","https://github.com/yaml/pyyaml/pull/74","https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/","https://security.gentoo.org/glsa/202003-45","https://nvd.nist.gov/vuln/detail/CVE-2017-18342","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15994 affects rsync","id":"23506","firedtimes":66},"data":{"vulnerability":{"package":{"name":"rsync","version":"3.1.1-3ubuntu1.3","architecture":"amd64","condition":"Package less or equal than 3.1.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15994","title":"rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.","severity":"Critical","published":"2017-10-29","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-354","references":["https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3","https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55","https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b","https://nvd.nist.gov/vuln/detail/CVE-2017-15994"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2019-9169 affects libc6","id":"23506","firedtimes":68},"data":{"vulnerability":{"package":{"name":"libc6","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2019-9169","title":"CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.","severity":"Critical","published":"2019-02-26","updated":"2019-04-16","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://sourceware.org/bugzilla/show_bug.cgi?id=24114"],"references":["http://www.securityfocus.com/bid/107160","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://kc.mcafee.com/corporate/index?page=content&id=SB10278","https://security.netapp.com/advisory/ntap-20190315-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=24114","https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9","https://support.f5.com/csp/article/K54823184","https://nvd.nist.gov/vuln/detail/CVE-2019-9169","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15088 affects krb5-locales","id":"23506","firedtimes":73},"data":{"vulnerability":{"package":{"name":"krb5-locales","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15088","title":"CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.","severity":"Critical","published":"2017-11-23","updated":"2019-10-09","state":"Unfixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698"],"references":["http://www.securityfocus.com/bid/101594","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698","https://bugzilla.redhat.com/show_bug.cgi?id=1504045","https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4","https://github.com/krb5/krb5/pull/707","https://nvd.nist.gov/vuln/detail/CVE-2017-15088","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2018-6485 affects libc-bin","id":"23506","firedtimes":78},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.26"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2018-6485","title":"CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.","severity":"Critical","published":"2018-02-01","updated":"2019-12-10","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["http://bugs.debian.org/878159","https://sourceware.org/bugzilla/show_bug.cgi?id=22343"],"references":["http://bugs.debian.org/878159","http://www.securityfocus.com/bid/102912","https://access.redhat.com/errata/RHBA-2019:0327","https://access.redhat.com/errata/RHSA-2018:3092","https://security.netapp.com/advisory/ntap-20190404-0003/","https://sourceware.org/bugzilla/show_bug.cgi?id=22343","https://usn.ubuntu.com/4218-1/","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://nvd.nist.gov/vuln/detail/CVE-2018-6485","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485","https://usn.ubuntu.com/usn/usn-4218-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7944 affects libxfixes3","id":"23506","firedtimes":82},"data":{"vulnerability":{"package":{"name":"libxfixes3","source":"libxfixes","version":"1:5.0.1-2","architecture":"amd64","condition":"Package less or equal than 5.0.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7944","title":"CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442"],"references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93361","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7944","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7947 affects libxrandr2","id":"23506","firedtimes":83},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7947","title":"CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93365","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7947","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7948 affects libxrandr2","id":"23506","firedtimes":84},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7948","title":"CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93373","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7948","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, + { + rule: { + level: 7, + description: 'CVE-2017-18018 affects coreutils', + id: '23504', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'coreutils', + version: '8.28-1ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'high', + availability: 'none', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2017-18018', + title: 'CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.', + severity: 'Medium', + published: '2018-01-04', + updated: '2018-01-19', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18018', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html', + 'http://www.openwall.com/lists/oss-security/2018/01/04/3', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects imagemagick', + id: '23504', + firedtimes: 2, + }, + data: { + vulnerability: { + package: { + name: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects libmagickcore-6.q16-3', + id: '23504', + firedtimes: 5, + }, + data: { + vulnerability: { + package: { + name: 'libmagickcore-6.q16-3', + source: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-18684 affects sudo', + id: '23504', + firedtimes: 87, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.21p2-3ubuntu1.2', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '6.900000', + }, + }, + cve: 'CVE-2019-18684', + title: + '** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.', + severity: 'Medium', + published: '2019-11-04', + updated: '2019-11-08', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18684', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20482 affects tar', + id: '23504', + firedtimes: 88, + }, + data: { + vulnerability: { + package: { + name: 'tar', + version: '1.29b-2ubuntu0.1', + architecture: 'amd64', + condition: 'Package less or equal than 1.30', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2018-20482', + title: 'CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).", + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-835', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1662346', + ], + references: [ + 'http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454', + 'http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html', + 'http://www.securityfocus.com/bid/106354', + 'https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html', + 'https://news.ycombinator.com/item?id=18745431', + 'https://security.gentoo.org/glsa/201903-05', + 'https://twitter.com/thatcks/status/1076166645708668928', + 'https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20482', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2015-2987 affects ed', + id: '23503', + firedtimes: 9, + }, + data: { + vulnerability: { + package: { + name: 'ed', + version: '1.10-2.1', + architecture: 'amd64', + condition: 'Package less or equal than 3.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.600000', + }, + }, + cve: 'CVE-2015-2987', + title: + 'Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.', + severity: 'Low', + published: '2015-08-28', + updated: '2015-08-31', + state: 'Fixed', + cwe_reference: 'CWE-17', + references: [ + 'http://jvn.jp/en/jp/JVN91474878/index.html', + 'http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119', + 'http://type74.org/edman5-1.php', + 'http://type74org.blog14.fc2.com/blog-entry-1384.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-2987', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-8769 affects elfutils', + id: '23505', + firedtimes: 45, + }, + data: { + vulnerability: { + package: { + name: 'elfutils', + version: '0.170-0.4ubuntu0.1', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-8769', + title: + 'elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.', + severity: 'High', + published: '2018-03-18', + updated: '2019-10-03', + state: 'Pending confirmation', + cwe_reference: 'CWE-125', + references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22976', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8769', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects libc-bin', + id: '23503', + firedtimes: 12, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects multiarch-support', + id: '23503', + firedtimes: 17, + }, + data: { + vulnerability: { + package: { + name: 'multiarch-support', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects libsqlite3-0', + id: '23503', + firedtimes: 18, + }, + data: { + vulnerability: { + package: { + name: 'libsqlite3-0', + source: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects sqlite3', + id: '23503', + firedtimes: 19, + }, + data: { + vulnerability: { + package: { + name: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects passwd', + id: '23503', + firedtimes: 21, + }, + data: { + vulnerability: { + package: { + name: 'passwd', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1003010 affects git', + id: '23504', + firedtimes: 162, + }, + data: { + vulnerability: { + package: { + name: 'git', + version: '1:2.17.1-1ubuntu0.7', + architecture: 'amd64', + condition: 'Package less or equal than 3.9.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2019-1003010', + title: + 'A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.', + severity: 'Medium', + published: '2019-02-06', + updated: '2019-04-26', + state: 'Fixed', + cwe_reference: 'CWE-352', + references: [ + 'https://access.redhat.com/errata/RHBA-2019:0326', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1003010', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-9366 affects screen', + id: '23505', + firedtimes: 77, + }, + data: { + vulnerability: { + package: { + name: 'screen', + version: '4.6.2-1ubuntu1', + architecture: 'amd64', + condition: 'Package less than 4.8.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2020-9366', + title: + 'A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.', + severity: 'High', + published: '2020-02-24', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'http://www.openwall.com/lists/oss-security/2020/02/25/1', + 'https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html', + 'https://security.gentoo.org/glsa/202003-62', + 'https://www.openwall.com/lists/oss-security/2020/02/06/3', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-9366', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-15847 affects gcc', + id: '23505', + firedtimes: 86, + }, + data: { + vulnerability: { + package: { + name: 'gcc', + source: 'gcc-defaults', + version: '4:7.4.0-1ubuntu2.3', + architecture: 'amd64', + condition: 'Package less than 10.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-15847', + title: 'CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.', + severity: 'High', + published: '2019-09-02', + updated: '2020-05-26', + state: 'Fixed', + cwe_reference: 'CWE-331', + bugzilla_references: [ + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html', + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-15847', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-14988 affects libopenexr22', + id: '23504', + firedtimes: 189, + }, + data: { + vulnerability: { + package: { + name: 'libopenexr22', + source: 'openexr', + version: '2.2.0-11.1ubuntu1.2', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-14988', + title: + "** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.", + severity: 'Medium', + published: '2017-10-03', + updated: '2019-09-23', + state: 'Pending confirmation', + cwe_reference: 'CWE-400', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html', + 'https://github.com/openexr/openexr/issues/248', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-14988', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2', + id: '23504', + firedtimes: 190, + }, + data: { + vulnerability: { + package: { + name: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-bin', + id: '23504', + firedtimes: 191, + }, + data: { + vulnerability: { + package: { + name: 'apache2-bin', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-data', + id: '23504', + firedtimes: 192, + }, + data: { + vulnerability: { + package: { + name: 'apache2-data', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-utils', + id: '23504', + firedtimes: 193, + }, + data: { + vulnerability: { + package: { + name: 'apache2-utils', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-client', + id: '23504', + firedtimes: 197, + }, + data: { + vulnerability: { + package: { + name: 'openssh-client', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-server', + id: '23504', + firedtimes: 198, + }, + data: { + vulnerability: { + package: { + name: 'openssh-server', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17595 affects ncurses-base', + id: '23504', + firedtimes: 222, + }, + data: { + vulnerability: { + package: { + name: 'ncurses-base', + source: 'ncurses', + version: '6.1-1ubuntu1.18.04', + architecture: 'all', + condition: 'Package less than 6.1.20191012', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2019-17595', + title: 'CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-12-23', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17595', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17543 affects liblz4-1', + id: '23504', + firedtimes: 244, + }, + data: { + vulnerability: { + package: { + name: 'liblz4-1', + source: 'lz4', + version: '0.0~r131-2ubuntu2', + architecture: 'amd64', + condition: 'Package less than 1.9.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17543', + title: 'CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-24', + state: 'Fixed', + cwe_reference: 'CWE-120', + bugzilla_references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html', + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2', + 'https://github.com/lz4/lz4/issues/801', + 'https://github.com/lz4/lz4/pull/756', + 'https://github.com/lz4/lz4/pull/760', + 'https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17543', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20217 affects libkrb5-3', + id: '23504', + firedtimes: 254, + }, + data: { + vulnerability: { + package: { + name: 'libkrb5-3', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'single', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '3.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-20217', + title: 'CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.', + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Unfixed', + cwe_reference: 'CWE-617', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387', + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + ], + references: [ + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + 'https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086', + 'https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/', + 'https://security.netapp.com/advisory/ntap-20190416-0006/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20217', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-14036 affects accountsservice', + id: '23504', + firedtimes: 256, + }, + data: { + vulnerability: { + package: { + name: 'accountsservice', + version: '0.6.40-2ubuntu11.3', + architecture: 'amd64', + condition: 'Package less than 0.6.50', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'single', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '4', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '6.500000', + }, + }, + cve: 'CVE-2018-14036', + title: 'CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.', + severity: 'Medium', + published: '2018-07-13', + updated: '2018-09-06', + state: 'Fixed', + cwe_reference: 'CWE-22', + bugzilla_references: [ + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2018/07/02/2', + 'http://www.securityfocus.com/bid/104757', + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + 'https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-14036', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-7244 affects libpcre3', + id: '23504', + firedtimes: 265, + }, + data: { + vulnerability: { + package: { + name: 'libpcre3', + source: 'pcre3', + version: '2:8.38-3.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-7244', + title: 'CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.', + severity: 'Medium', + published: '2017-03-23', + updated: '2018-08-17', + state: 'Unfixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683', + 'https://bugs.exim.org/show_bug.cgi?id=2052', + 'https://bugs.exim.org/show_bug.cgi?id=2054', + ], + references: [ + 'http://www.securityfocus.com/bid/97067', + 'https://access.redhat.com/errata/RHSA-2018:2486', + 'https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/', + 'https://security.gentoo.org/glsa/201710-25', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-7244', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-8631 affects grub-legacy-ec2', + id: '23503', + firedtimes: 32, + }, + data: { + vulnerability: { + package: { + name: 'grub-legacy-ec2', + source: 'cloud-init', + version: '19.4-33-gbb4131a2-0ubuntu1~16.04.1', + architecture: 'all', + condition: 'Package less or equal than 19.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2020-8631', + title: 'CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.', + severity: 'Low', + published: '2020-02-05', + updated: '2020-02-21', + state: 'Fixed', + cwe_reference: 'CWE-330', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html', + 'https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795', + 'https://github.com/canonical/cloud-init/pull/204', + 'https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-8631', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-20079 affects vim', + id: '23505', + firedtimes: 109, + }, + data: { + vulnerability: { + package: { + name: 'vim', + version: '2:7.4.1689-3ubuntu1.4', + architecture: 'amd64', + condition: 'Package less than 8.1.2136', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-20079', + title: + 'The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.', + severity: 'High', + published: '2019-12-30', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421', + 'https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136', + 'https://packetstormsecurity.com/files/154898', + 'https://usn.ubuntu.com/4309-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-20079', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-4484 affects cryptsetup', + id: '23504', + firedtimes: 290, + }, + data: { + vulnerability: { + package: { + name: 'cryptsetup', + version: '2:1.6.6-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package less or equal than 2.1.7.3-2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2016-4484', + title: 'CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.', + severity: 'Medium', + published: '2017-01-23', + updated: '2017-01-26', + state: 'Fixed', + cwe_reference: 'CWE-287', + bugzilla_references: ['https://launchpad.net/bugs/1660701'], + references: [ + 'http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html', + 'http://www.openwall.com/lists/oss-security/2016/11/14/13', + 'http://www.openwall.com/lists/oss-security/2016/11/15/1', + 'http://www.openwall.com/lists/oss-security/2016/11/15/4', + 'http://www.openwall.com/lists/oss-security/2016/11/16/6', + 'http://www.securityfocus.com/bid/94315', + 'https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-4484', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-13050 affects gnupg', + id: '23505', + firedtimes: 114, + }, + data: { + vulnerability: { + package: { + name: 'gnupg', + version: '1.4.20-1ubuntu3.3', + architecture: 'amd64', + condition: 'Package less or equal than 2.2.16', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-13050', + title: 'CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.', + severity: 'High', + published: '2019-06-29', + updated: '2019-07-09', + state: 'Fixed', + cwe_reference: 'CWE-297', + bugzilla_references: [ + 'https://bugs.launchpad.net/bugs/1844059', + 'https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050', + 'https://dev.gnupg.org/T4591', + 'https://dev.gnupg.org/T4607', + 'https://dev.gnupg.org/T4628', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html', + 'https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html', + 'https://support.f5.com/csp/article/K08654551', + 'https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS', + 'https://twitter.com/lambdafu/status/1147162583969009664', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-13050', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects mount', + id: '23505', + firedtimes: 128, + }, + data: { + vulnerability: { + package: { + name: 'mount', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects util-linux', + id: '23505', + firedtimes: 129, + }, + data: { + vulnerability: { + package: { + name: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects uuid-runtime', + id: '23505', + firedtimes: 130, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1547 affects libssl1.0.0', + id: '23503', + firedtimes: 35, + }, + data: { + vulnerability: { + package: { + name: 'libssl1.0.0', + source: 'openssl', + version: '1.0.2g-1ubuntu4.15', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.0.2 and less or equal than 1.0.2s', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '1.900000', + }, + }, + cve: 'CVE-2019-1547', + title: 'CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).', + severity: 'Low', + published: '2019-09-10', + updated: '2019-09-12', + state: 'Fixed', + cwe_reference: 'CWE-311', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html', + 'http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html', + 'https://arxiv.org/abs/1909.01785', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a', + 'https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/', + 'https://seclists.org/bugtraq/2019/Oct/0', + 'https://seclists.org/bugtraq/2019/Oct/1', + 'https://seclists.org/bugtraq/2019/Sep/25', + 'https://security.gentoo.org/glsa/201911-04', + 'https://security.netapp.com/advisory/ntap-20190919-0002/', + 'https://security.netapp.com/advisory/ntap-20200122-0002/', + 'https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS', + 'https://www.debian.org/security/2019/dsa-4539', + 'https://www.debian.org/security/2019/dsa-4540', + 'https://www.openssl.org/news/secadv/20190910.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1547', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547', + 'https://usn.ubuntu.com/usn/usn-4376-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-3843 affects systemd', + id: '23505', + firedtimes: 134, + }, + data: { + vulnerability: { + package: { + name: 'systemd', + version: '229-4ubuntu21.27', + architecture: 'amd64', + condition: 'Package less than 242', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '4.600000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2019-3843', + title: + 'It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.', + severity: 'High', + published: '2019-04-26', + updated: '2019-06-19', + state: 'Fixed', + cwe_reference: 'CWE-264', + references: [ + 'http://www.securityfocus.com/bid/108116', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/', + 'https://security.netapp.com/advisory/ntap-20190619-0002/', + 'https://usn.ubuntu.com/4269-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-3843', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-11727 affects thunderbird', + id: '23504', + firedtimes: 312, + }, + data: { + vulnerability: { + package: { + name: 'thunderbird', + version: '1:68.8.0+build2-0ubuntu0.16.04.2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2019-11727', + title: 'CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-07-30', + state: 'Unfixed', + cwe_reference: 'CWE-295', + bugzilla_references: [ + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html', + 'https://access.redhat.com/errata/RHSA-2019:1951', + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + 'https://security.gentoo.org/glsa/201908-12', + 'https://www.mozilla.org/security/advisories/mfsa2019-21/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-11727', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727', + 'https://usn.ubuntu.com/usn/usn-4054-1', + 'https://usn.ubuntu.com/usn/usn-4060-1', + 'https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-18276 affects bash', + id: '23505', + firedtimes: 158, + }, + data: { + vulnerability: { + package: { + name: 'bash', + version: '4.3-14ubuntu1.4', + architecture: 'amd64', + condition: 'Package less or equal than 5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + }, + cve: 'CVE-2019-18276', + title: 'CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.', + severity: 'High', + published: '2019-11-28', + updated: '2020-04-30', + state: 'Fixed', + cwe_reference: 'CWE-273', + bugzilla_references: [ + 'https://bugzilla.suse.com/show_bug.cgi?id=1158028', + ], + references: [ + 'http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html', + 'https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff', + 'https://security.netapp.com/advisory/ntap-20200430-0003/', + 'https://www.youtube.com/watch?v=-wGtxJ8opa8', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18276', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-9502 affects curl', + id: '23504', + firedtimes: 334, + }, + data: { + vulnerability: { + package: { + name: 'curl', + version: '7.47.0-1ubuntu2.14', + architecture: 'amd64', + condition: 'Package less or equal than 7.54.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'low', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2017-9502', + title: + 'In curl before 7.54.1 on Windows and DOS, libcurl\'s default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given "URL" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string "file://").', + severity: 'Medium', + published: '2017-06-14', + updated: '2017-07-08', + state: 'Fixed', + cwe_reference: 'CWE-119', + references: [ + 'http://openwall.com/lists/oss-security/2017/06/14/1', + 'http://www.securityfocus.com/bid/99120', + 'http://www.securitytracker.com/id/1038697', + 'https://curl.haxx.se/docs/adv_20170614.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-9502', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-20483 affects wget', + id: '23505', + firedtimes: 175, + }, + data: { + vulnerability: { + package: { + name: 'wget', + version: '1.17.1-1ubuntu1.5', + architecture: 'amd64', + condition: 'Package less than 1.20.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-20483', + title: + "set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.", + severity: 'High', + published: '2018-12-26', + updated: '2019-04-09', + state: 'Fixed', + cwe_reference: 'CWE-255', + references: [ + 'http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS', + 'http://www.securityfocus.com/bid/106358', + 'https://access.redhat.com/errata/RHSA-2019:3701', + 'https://security.gentoo.org/glsa/201903-08', + 'https://security.netapp.com/advisory/ntap-20190321-0002/', + 'https://twitter.com/marcan42/status/1077676739877232640', + 'https://usn.ubuntu.com/3943-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20483', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1010204 affects binutils', + id: '23504', + firedtimes: 369, + }, + data: { + vulnerability: { + package: { + name: 'binutils', + version: '2.26.1-1ubuntu1~16.04.8', + architecture: 'amd64', + condition: + 'Package greater or equal than 2.21 and less or equal than 2.31.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2019-1010204', + title: 'CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-08-22', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + ], + references: [ + 'https://security.netapp.com/advisory/ntap-20190822-0001/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + 'https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1010204', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-14855 affects dirmngr', + id: '23504', + firedtimes: 382, + }, + data: { + vulnerability: { + package: { + name: 'dirmngr', + source: 'gnupg2', + version: '2.1.11-6ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-14855', + title: 'CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.', + severity: 'Medium', + published: '2020-03-20', + updated: '2020-03-24', + state: 'Unfixed', + cwe_reference: 'CWE-327', + bugzilla_references: ['https://dev.gnupg.org/T4755'], + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855', + 'https://dev.gnupg.org/T4755', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html', + 'https://rwc.iacr.org/2020/slides/Leurent.pdf', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-14855', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855', + 'https://eprint.iacr.org/2020/014.pdf', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-5011 affects uuid-runtime', + id: '23504', + firedtimes: 395, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'complete', + }, + base_score: '4.700000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2016-5011', + title: 'CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.', + severity: 'Medium', + published: '2017-04-11', + updated: '2017-04-17', + state: 'Unfixed', + cwe_reference: 'CWE-399', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1349536', + ], + references: [ + 'http://rhn.redhat.com/errata/RHSA-2016-2605.html', + 'http://www.openwall.com/lists/oss-security/2016/07/11/2', + 'http://www.securityfocus.com/bid/91683', + 'http://www.securitytracker.com/id/1036272', + 'http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543', + 'http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801', + 'https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-5011', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2015-5191 affects open-vm-tools', + id: '23504', + firedtimes: 396, + }, + data: { + vulnerability: { + package: { + name: 'open-vm-tools', + version: '2:10.2.0-3~ubuntu0.16.04.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.700000', + }, + }, + cve: 'CVE-2015-5191', + title: 'CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H', + severity: 'Medium', + published: '2017-07-28', + updated: '2017-08-08', + state: 'Unfixed', + cwe_reference: 'CWE-362', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633', + ], + references: [ + 'http://www.securityfocus.com/bid/100011', + 'http://www.securitytracker.com/id/1039013', + 'https://www.vmware.com/security/advisories/VMSA-2017-0013.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-5191', + 'http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-8975 affects netpbm', + id: '23504', + firedtimes: 397, + }, + data: { + vulnerability: { + package: { + name: 'netpbm', + source: 'netpbm-free', + version: '2:10.0-15.3', + architecture: 'amd64', + condition: 'Package less or equal than 10.81.03', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2018-8975', + title: + 'The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.', + severity: 'Medium', + published: '2018-03-25', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-125', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html', + 'https://github.com/xiaoqx/pocs/blob/master/netpbm', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8975', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-19232 affects sudo', + id: '23504', + firedtimes: 398, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.16-0ubuntu1.9', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-19232', + title: 'CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + '** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.', + severity: 'Medium', + published: '2019-12-19', + updated: '2020-01-30', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225', + ], + references: [ + 'http://seclists.org/fulldisclosure/2020/Mar/31', + 'https://access.redhat.com/security/cve/cve-2019-19232', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870', + 'https://security.netapp.com/advisory/ntap-20200103-0004/', + 'https://support.apple.com/en-gb/HT211100', + 'https://support.apple.com/kb/HT211100', + 'https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232', + 'https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506', + 'https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html', + 'https://www.oracle.com/security-alerts/bulletinapr2020.html', + 'https://www.sudo.ws/devel.html#1.8.30b2', + 'https://www.sudo.ws/stable.html', + 'https://www.tenable.com/plugins/nessus/133936', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19232', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-12588 affects rsyslog', + id: '23506', + firedtimes: 64, + }, + data: { + vulnerability: { + package: { + name: 'rsyslog', + version: '8.16.0-1ubuntu3.1', + architecture: 'amd64', + condition: 'Package less or equal than 8.27.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-12588', + title: + 'The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.', + severity: 'Critical', + published: '2017-08-06', + updated: '2017-08-14', + state: 'Fixed', + cwe_reference: 'CWE-134', + references: [ + 'https://github.com/rsyslog/rsyslog/blob/master/ChangeLog', + 'https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b', + 'https://github.com/rsyslog/rsyslog/pull/1565', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-12588', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-18342 affects python3-yaml', + id: '23506', + firedtimes: 65, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.11-3build1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-18342', + title: 'CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + "In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.", + severity: 'Critical', + published: '2018-06-27', + updated: '2019-06-24', + state: 'Unfixed', + cwe_reference: 'CWE-20', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878', + ], + references: [ + 'https://github.com/marshmallow-code/apispec/issues/278', + 'https://github.com/yaml/pyyaml/blob/master/CHANGES', + 'https://github.com/yaml/pyyaml/issues/193', + 'https://github.com/yaml/pyyaml/pull/74', + 'https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/', + 'https://security.gentoo.org/glsa/202003-45', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18342', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15994 affects rsync', + id: '23506', + firedtimes: 66, + }, + data: { + vulnerability: { + package: { + name: 'rsync', + version: '3.1.1-3ubuntu1.3', + architecture: 'amd64', + condition: 'Package less or equal than 3.1.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15994', + title: + 'rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.', + severity: 'Critical', + published: '2017-10-29', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-354', + references: [ + 'https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3', + 'https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55', + 'https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15994', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2019-9169 affects libc6', + id: '23506', + firedtimes: 68, + }, + data: { + vulnerability: { + package: { + name: 'libc6', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2019-9169', + title: 'CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.', + severity: 'Critical', + published: '2019-02-26', + updated: '2019-04-16', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + ], + references: [ + 'http://www.securityfocus.com/bid/107160', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://kc.mcafee.com/corporate/index?page=content&id=SB10278', + 'https://security.netapp.com/advisory/ntap-20190315-0002/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9', + 'https://support.f5.com/csp/article/K54823184', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-9169', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15088 affects krb5-locales', + id: '23506', + firedtimes: 73, + }, + data: { + vulnerability: { + package: { + name: 'krb5-locales', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15088', + title: 'CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.', + severity: 'Critical', + published: '2017-11-23', + updated: '2019-10-09', + state: 'Unfixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + ], + references: [ + 'http://www.securityfocus.com/bid/101594', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1504045', + 'https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4', + 'https://github.com/krb5/krb5/pull/707', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15088', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2018-6485 affects libc-bin', + id: '23506', + firedtimes: 78, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.26', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2018-6485', + title: 'CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.', + severity: 'Critical', + published: '2018-02-01', + updated: '2019-12-10', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'http://bugs.debian.org/878159', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + ], + references: [ + 'http://bugs.debian.org/878159', + 'http://www.securityfocus.com/bid/102912', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://access.redhat.com/errata/RHSA-2018:3092', + 'https://security.netapp.com/advisory/ntap-20190404-0003/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + 'https://usn.ubuntu.com/4218-1/', + 'https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-6485', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485', + 'https://usn.ubuntu.com/usn/usn-4218-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7944 affects libxfixes3', + id: '23506', + firedtimes: 82, + }, + data: { + vulnerability: { + package: { + name: 'libxfixes3', + source: 'libxfixes', + version: '1:5.0.1-2', + architecture: 'amd64', + condition: 'Package less or equal than 5.0.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7944', + title: 'CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93361', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7944', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7947 affects libxrandr2', + id: '23506', + firedtimes: 83, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7947', + title: 'CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93365', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7947', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7948 affects libxrandr2', + id: '23506', + firedtimes: 84, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7948', + title: 'CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93373', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7948', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, ]; diff --git a/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js b/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js index 1b36a497a7..e894e8ece5 100644 --- a/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js +++ b/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js @@ -1,67 +1,4003 @@ // Vulnerability module.exports.data = [ - {"rule":{"level":7,"description":"CVE-2017-18018 affects coreutils","id":"23504","firedtimes":1},"data":{"vulnerability":{"package":{"name":"coreutils","version":"8.28-1ubuntu1","architecture":"amd64","condition":"Package less or equal than 8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"high","availability":"none"},"base_score":"4.700000"}},"cve":"CVE-2017-18018","title":"CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.","severity":"Medium","published":"2018-01-04","updated":"2018-01-19","state":"Fixed","cwe_reference":"CWE-362","references":["http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2017-18018","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html","http://www.openwall.com/lists/oss-security/2018/01/04/3","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects imagemagick","id":"23504","firedtimes":2},"data":{"vulnerability":{"package":{"name":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects libmagickcore-6.q16-3","id":"23504","firedtimes":5},"data":{"vulnerability":{"package":{"name":"libmagickcore-6.q16-3","source":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-18684 affects sudo","id":"23504","firedtimes":87},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.21p2-3ubuntu1.2","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"6.900000"}},"cve":"CVE-2019-18684","title":"** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write \"ALL ALL=(ALL) NOPASSWD:ALL\" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.","severity":"Medium","published":"2019-11-04","updated":"2019-11-08","state":"Fixed","cwe_reference":"CWE-362","references":["https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd","https://nvd.nist.gov/vuln/detail/CVE-2019-18684"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20482 affects tar","id":"23504","firedtimes":88},"data":{"vulnerability":{"package":{"name":"tar","version":"1.29b-2ubuntu0.1","architecture":"amd64","condition":"Package less or equal than 1.30"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.700000"}},"cve":"CVE-2018-20482","title":"CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-835","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377","https://bugzilla.redhat.com/show_bug.cgi?id=1662346"],"references":["http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454","http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html","http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html","http://www.securityfocus.com/bid/106354","https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html","https://news.ycombinator.com/item?id=18745431","https://security.gentoo.org/glsa/201903-05","https://twitter.com/thatcks/status/1076166645708668928","https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug","https://nvd.nist.gov/vuln/detail/CVE-2018-20482","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2015-2987 affects ed","id":"23503","firedtimes":9},"data":{"vulnerability":{"package":{"name":"ed","version":"1.10-2.1","architecture":"amd64","condition":"Package less or equal than 3.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.600000"}},"cve":"CVE-2015-2987","title":"Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.","severity":"Low","published":"2015-08-28","updated":"2015-08-31","state":"Fixed","cwe_reference":"CWE-17","references":["http://jvn.jp/en/jp/JVN91474878/index.html","http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119","http://type74.org/edman5-1.php","http://type74org.blog14.fc2.com/blog-entry-1384.html","https://nvd.nist.gov/vuln/detail/CVE-2015-2987"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-8769 affects elfutils","id":"23505","firedtimes":45},"data":{"vulnerability":{"package":{"name":"elfutils","version":"0.170-0.4ubuntu0.1","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-8769","title":"elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.","severity":"High","published":"2018-03-18","updated":"2019-10-03","state":"Pending confirmation","cwe_reference":"CWE-125","references":["https://sourceware.org/bugzilla/show_bug.cgi?id=22976","https://nvd.nist.gov/vuln/detail/CVE-2018-8769"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects libc-bin","id":"23503","firedtimes":12},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects multiarch-support","id":"23503","firedtimes":17},"data":{"vulnerability":{"package":{"name":"multiarch-support","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects libsqlite3-0","id":"23503","firedtimes":18},"data":{"vulnerability":{"package":{"name":"libsqlite3-0","source":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects sqlite3","id":"23503","firedtimes":19},"data":{"vulnerability":{"package":{"name":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects passwd","id":"23503","firedtimes":21},"data":{"vulnerability":{"package":{"name":"passwd","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1003010 affects git","id":"23504","firedtimes":162},"data":{"vulnerability":{"package":{"name":"git","version":"1:2.17.1-1ubuntu0.7","architecture":"amd64","condition":"Package less or equal than 3.9.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"4.300000"}},"cve":"CVE-2019-1003010","title":"A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.","severity":"Medium","published":"2019-02-06","updated":"2019-04-26","state":"Fixed","cwe_reference":"CWE-352","references":["https://access.redhat.com/errata/RHBA-2019:0326","https://access.redhat.com/errata/RHBA-2019:0327","https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095","https://nvd.nist.gov/vuln/detail/CVE-2019-1003010"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-9366 affects screen","id":"23505","firedtimes":77},"data":{"vulnerability":{"package":{"name":"screen","version":"4.6.2-1ubuntu1","architecture":"amd64","condition":"Package less than 4.8.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2020-9366","title":"A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.","severity":"High","published":"2020-02-24","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-120","references":["http://www.openwall.com/lists/oss-security/2020/02/25/1","https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html","https://security.gentoo.org/glsa/202003-62","https://www.openwall.com/lists/oss-security/2020/02/06/3","https://nvd.nist.gov/vuln/detail/CVE-2020-9366"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-15847 affects gcc","id":"23505","firedtimes":86},"data":{"vulnerability":{"package":{"name":"gcc","source":"gcc-defaults","version":"4:7.4.0-1ubuntu2.3","architecture":"amd64","condition":"Package less than 10.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"7.500000"}},"cve":"CVE-2019-15847","title":"CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.","severity":"High","published":"2019-09-02","updated":"2020-05-26","state":"Fixed","cwe_reference":"CWE-331","bugzilla_references":["https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html","https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481","https://nvd.nist.gov/vuln/detail/CVE-2019-15847","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-14988 affects libopenexr22","id":"23504","firedtimes":189},"data":{"vulnerability":{"package":{"name":"libopenexr22","source":"openexr","version":"2.2.0-11.1ubuntu1.2","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-14988","title":"** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.","severity":"Medium","published":"2017-10-03","updated":"2019-09-23","state":"Pending confirmation","cwe_reference":"CWE-400","references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html","https://github.com/openexr/openexr/issues/248","https://nvd.nist.gov/vuln/detail/CVE-2017-14988"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2","id":"23504","firedtimes":190},"data":{"vulnerability":{"package":{"name":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-bin","id":"23504","firedtimes":191},"data":{"vulnerability":{"package":{"name":"apache2-bin","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-data","id":"23504","firedtimes":192},"data":{"vulnerability":{"package":{"name":"apache2-data","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-utils","id":"23504","firedtimes":193},"data":{"vulnerability":{"package":{"name":"apache2-utils","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-client","id":"23504","firedtimes":197},"data":{"vulnerability":{"package":{"name":"openssh-client","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-server","id":"23504","firedtimes":198},"data":{"vulnerability":{"package":{"name":"openssh-server","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17595 affects ncurses-base","id":"23504","firedtimes":222},"data":{"vulnerability":{"package":{"name":"ncurses-base","source":"ncurses","version":"6.1-1ubuntu1.18.04","architecture":"all","condition":"Package less than 6.1.20191012"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"partial"},"base_score":"5.800000"}},"cve":"CVE-2019-17595","title":"CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.","severity":"Medium","published":"2019-10-14","updated":"2019-12-23","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2019-17595","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17543 affects liblz4-1","id":"23504","firedtimes":244},"data":{"vulnerability":{"package":{"name":"liblz4-1","source":"lz4","version":"0.0~r131-2ubuntu2","architecture":"amd64","condition":"Package less than 1.9.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17543","title":"CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"","severity":"Medium","published":"2019-10-14","updated":"2019-10-24","state":"Fixed","cwe_reference":"CWE-120","bugzilla_references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2","https://github.com/lz4/lz4/issues/801","https://github.com/lz4/lz4/pull/756","https://github.com/lz4/lz4/pull/760","https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E","https://nvd.nist.gov/vuln/detail/CVE-2019-17543","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20217 affects libkrb5-3","id":"23504","firedtimes":254},"data":{"vulnerability":{"package":{"name":"libkrb5-3","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"single","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"3.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.300000"}},"cve":"CVE-2018-20217","title":"CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Unfixed","cwe_reference":"CWE-617","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387","http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763"],"references":["http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763","https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086","https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/","https://security.netapp.com/advisory/ntap-20190416-0006/","https://nvd.nist.gov/vuln/detail/CVE-2018-20217","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-14036 affects accountsservice","id":"23504","firedtimes":256},"data":{"vulnerability":{"package":{"name":"accountsservice","version":"0.6.40-2ubuntu11.3","architecture":"amd64","condition":"Package less than 0.6.50"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"single","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"4"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"6.500000"}},"cve":"CVE-2018-14036","title":"CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.","severity":"Medium","published":"2018-07-13","updated":"2018-09-06","state":"Fixed","cwe_reference":"CWE-22","bugzilla_references":["https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699"],"references":["http://www.openwall.com/lists/oss-security/2018/07/02/2","http://www.securityfocus.com/bid/104757","https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699","https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a","https://nvd.nist.gov/vuln/detail/CVE-2018-14036","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-7244 affects libpcre3","id":"23504","firedtimes":265},"data":{"vulnerability":{"package":{"name":"libpcre3","source":"pcre3","version":"2:8.38-3.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-7244","title":"CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.","severity":"Medium","published":"2017-03-23","updated":"2018-08-17","state":"Unfixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683","https://bugs.exim.org/show_bug.cgi?id=2052","https://bugs.exim.org/show_bug.cgi?id=2054"],"references":["http://www.securityfocus.com/bid/97067","https://access.redhat.com/errata/RHSA-2018:2486","https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/","https://security.gentoo.org/glsa/201710-25","https://nvd.nist.gov/vuln/detail/CVE-2017-7244","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-8631 affects grub-legacy-ec2","id":"23503","firedtimes":32},"data":{"vulnerability":{"package":{"name":"grub-legacy-ec2","source":"cloud-init","version":"19.4-33-gbb4131a2-0ubuntu1~16.04.1","architecture":"all","condition":"Package less or equal than 19.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"}},"cve":"CVE-2020-8631","title":"CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.","severity":"Low","published":"2020-02-05","updated":"2020-02-21","state":"Fixed","cwe_reference":"CWE-330","references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html","https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795","https://github.com/canonical/cloud-init/pull/204","https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html","https://nvd.nist.gov/vuln/detail/CVE-2020-8631","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-20079 affects vim","id":"23505","firedtimes":109},"data":{"vulnerability":{"package":{"name":"vim","version":"2:7.4.1689-3ubuntu1.4","architecture":"amd64","condition":"Package less than 8.1.2136"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2019-20079","title":"The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.","severity":"High","published":"2019-12-30","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-416","references":["https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421","https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136","https://packetstormsecurity.com/files/154898","https://usn.ubuntu.com/4309-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-20079"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-4484 affects cryptsetup","id":"23504","firedtimes":290},"data":{"vulnerability":{"package":{"name":"cryptsetup","version":"2:1.6.6-5ubuntu2.1","architecture":"amd64","condition":"Package less or equal than 2.1.7.3-2"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.800000"}},"cve":"CVE-2016-4484","title":"CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.","severity":"Medium","published":"2017-01-23","updated":"2017-01-26","state":"Fixed","cwe_reference":"CWE-287","bugzilla_references":["https://launchpad.net/bugs/1660701"],"references":["http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html","http://www.openwall.com/lists/oss-security/2016/11/14/13","http://www.openwall.com/lists/oss-security/2016/11/15/1","http://www.openwall.com/lists/oss-security/2016/11/15/4","http://www.openwall.com/lists/oss-security/2016/11/16/6","http://www.securityfocus.com/bid/94315","https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb","https://nvd.nist.gov/vuln/detail/CVE-2016-4484","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-13050 affects gnupg","id":"23505","firedtimes":114},"data":{"vulnerability":{"package":{"name":"gnupg","version":"1.4.20-1ubuntu3.3","architecture":"amd64","condition":"Package less or equal than 2.2.16"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"7.500000"}},"cve":"CVE-2019-13050","title":"CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.","severity":"High","published":"2019-06-29","updated":"2019-07-09","state":"Fixed","cwe_reference":"CWE-297","bugzilla_references":["https://bugs.launchpad.net/bugs/1844059","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050","https://dev.gnupg.org/T4591","https://dev.gnupg.org/T4607","https://dev.gnupg.org/T4628"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html","https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/","https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html","https://support.f5.com/csp/article/K08654551","https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS","https://twitter.com/lambdafu/status/1147162583969009664","https://nvd.nist.gov/vuln/detail/CVE-2019-13050","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects mount","id":"23505","firedtimes":128},"data":{"vulnerability":{"package":{"name":"mount","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects util-linux","id":"23505","firedtimes":129},"data":{"vulnerability":{"package":{"name":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects uuid-runtime","id":"23505","firedtimes":130},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1547 affects libssl1.0.0","id":"23503","firedtimes":35},"data":{"vulnerability":{"package":{"name":"libssl1.0.0","source":"openssl","version":"1.0.2g-1ubuntu4.15","architecture":"amd64","condition":"Package greater or equal than 1.0.2 and less or equal than 1.0.2s"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"1.900000"}},"cve":"CVE-2019-1547","title":"CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-09-10","updated":"2019-09-12","state":"Fixed","cwe_reference":"CWE-311","references":["http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html","http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html","http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html","https://arxiv.org/abs/1909.01785","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a","https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/","https://seclists.org/bugtraq/2019/Oct/0","https://seclists.org/bugtraq/2019/Oct/1","https://seclists.org/bugtraq/2019/Sep/25","https://security.gentoo.org/glsa/201911-04","https://security.netapp.com/advisory/ntap-20190919-0002/","https://security.netapp.com/advisory/ntap-20200122-0002/","https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS","https://www.debian.org/security/2019/dsa-4539","https://www.debian.org/security/2019/dsa-4540","https://www.openssl.org/news/secadv/20190910.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1547","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547","https://usn.ubuntu.com/usn/usn-4376-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-3843 affects systemd","id":"23505","firedtimes":134},"data":{"vulnerability":{"package":{"name":"systemd","version":"229-4ubuntu21.27","architecture":"amd64","condition":"Package less than 242"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"4.600000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2019-3843","title":"It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.","severity":"High","published":"2019-04-26","updated":"2019-06-19","state":"Fixed","cwe_reference":"CWE-264","references":["http://www.securityfocus.com/bid/108116","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/","https://security.netapp.com/advisory/ntap-20190619-0002/","https://usn.ubuntu.com/4269-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-3843"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-11727 affects thunderbird","id":"23504","firedtimes":312},"data":{"vulnerability":{"package":{"name":"thunderbird","version":"1:68.8.0+build2-0ubuntu0.16.04.2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2019-11727","title":"CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.","severity":"Medium","published":"2019-07-23","updated":"2019-07-30","state":"Unfixed","cwe_reference":"CWE-295","bugzilla_references":["https://bugzilla.mozilla.org/show_bug.cgi?id=1552208"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html","https://access.redhat.com/errata/RHSA-2019:1951","https://bugzilla.mozilla.org/show_bug.cgi?id=1552208","https://security.gentoo.org/glsa/201908-12","https://www.mozilla.org/security/advisories/mfsa2019-21/","https://nvd.nist.gov/vuln/detail/CVE-2019-11727","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727","https://usn.ubuntu.com/usn/usn-4054-1","https://usn.ubuntu.com/usn/usn-4060-1","https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-18276 affects bash","id":"23505","firedtimes":158},"data":{"vulnerability":{"package":{"name":"bash","version":"4.3-14ubuntu1.4","architecture":"amd64","condition":"Package less or equal than 5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"}},"cve":"CVE-2019-18276","title":"CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.","severity":"High","published":"2019-11-28","updated":"2020-04-30","state":"Fixed","cwe_reference":"CWE-273","bugzilla_references":["https://bugzilla.suse.com/show_bug.cgi?id=1158028"],"references":["http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html","https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff","https://security.netapp.com/advisory/ntap-20200430-0003/","https://www.youtube.com/watch?v=-wGtxJ8opa8","https://nvd.nist.gov/vuln/detail/CVE-2019-18276","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-9502 affects curl","id":"23504","firedtimes":334},"data":{"vulnerability":{"package":{"name":"curl","version":"7.47.0-1ubuntu2.14","architecture":"amd64","condition":"Package less or equal than 7.54.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"low"},"base_score":"5.300000"}},"cve":"CVE-2017-9502","title":"In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given \"URL\" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string \"file://\").","severity":"Medium","published":"2017-06-14","updated":"2017-07-08","state":"Fixed","cwe_reference":"CWE-119","references":["http://openwall.com/lists/oss-security/2017/06/14/1","http://www.securityfocus.com/bid/99120","http://www.securitytracker.com/id/1038697","https://curl.haxx.se/docs/adv_20170614.html","https://nvd.nist.gov/vuln/detail/CVE-2017-9502"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-20483 affects wget","id":"23505","firedtimes":175},"data":{"vulnerability":{"package":{"name":"wget","version":"1.17.1-1ubuntu1.5","architecture":"amd64","condition":"Package less than 1.20.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-20483","title":"set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.","severity":"High","published":"2018-12-26","updated":"2019-04-09","state":"Fixed","cwe_reference":"CWE-255","references":["http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS","http://www.securityfocus.com/bid/106358","https://access.redhat.com/errata/RHSA-2019:3701","https://security.gentoo.org/glsa/201903-08","https://security.netapp.com/advisory/ntap-20190321-0002/","https://twitter.com/marcan42/status/1077676739877232640","https://usn.ubuntu.com/3943-1/","https://nvd.nist.gov/vuln/detail/CVE-2018-20483"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1010204 affects binutils","id":"23504","firedtimes":369},"data":{"vulnerability":{"package":{"name":"binutils","version":"2.26.1-1ubuntu1~16.04.8","architecture":"amd64","condition":"Package greater or equal than 2.21 and less or equal than 2.31.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2019-1010204","title":"CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.","severity":"Medium","published":"2019-07-23","updated":"2019-08-22","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://sourceware.org/bugzilla/show_bug.cgi?id=23765"],"references":["https://security.netapp.com/advisory/ntap-20190822-0001/","https://sourceware.org/bugzilla/show_bug.cgi?id=23765","https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS","https://nvd.nist.gov/vuln/detail/CVE-2019-1010204","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-14855 affects dirmngr","id":"23504","firedtimes":382},"data":{"vulnerability":{"package":{"name":"dirmngr","source":"gnupg2","version":"2.1.11-6ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-14855","title":"CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.","severity":"Medium","published":"2020-03-20","updated":"2020-03-24","state":"Unfixed","cwe_reference":"CWE-327","bugzilla_references":["https://dev.gnupg.org/T4755"],"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855","https://dev.gnupg.org/T4755","https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html","https://rwc.iacr.org/2020/slides/Leurent.pdf","https://nvd.nist.gov/vuln/detail/CVE-2019-14855","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855","https://eprint.iacr.org/2020/014.pdf"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-5011 affects uuid-runtime","id":"23504","firedtimes":395},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"complete"},"base_score":"4.700000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.300000"}},"cve":"CVE-2016-5011","title":"CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.","severity":"Medium","published":"2017-04-11","updated":"2017-04-17","state":"Unfixed","cwe_reference":"CWE-399","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802","https://bugzilla.redhat.com/show_bug.cgi?id=1349536"],"references":["http://rhn.redhat.com/errata/RHSA-2016-2605.html","http://www.openwall.com/lists/oss-security/2016/07/11/2","http://www.securityfocus.com/bid/91683","http://www.securitytracker.com/id/1036272","http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543","http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801","https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3","https://nvd.nist.gov/vuln/detail/CVE-2016-5011","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2015-5191 affects open-vm-tools","id":"23504","firedtimes":396},"data":{"vulnerability":{"package":{"name":"open-vm-tools","version":"2:10.2.0-3~ubuntu0.16.04.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.700000"}},"cve":"CVE-2015-5191","title":"CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","severity":"Medium","published":"2017-07-28","updated":"2017-08-08","state":"Unfixed","cwe_reference":"CWE-362","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633"],"references":["http://www.securityfocus.com/bid/100011","http://www.securitytracker.com/id/1039013","https://www.vmware.com/security/advisories/VMSA-2017-0013.html","https://nvd.nist.gov/vuln/detail/CVE-2015-5191","http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-8975 affects netpbm","id":"23504","firedtimes":397},"data":{"vulnerability":{"package":{"name":"netpbm","source":"netpbm-free","version":"2:10.0-15.3","architecture":"amd64","condition":"Package less or equal than 10.81.03"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2018-8975","title":"The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.","severity":"Medium","published":"2018-03-25","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-125","references":["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html","https://github.com/xiaoqx/pocs/blob/master/netpbm","https://nvd.nist.gov/vuln/detail/CVE-2018-8975"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-19232 affects sudo","id":"23504","firedtimes":398},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.16-0ubuntu1.9","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-19232","title":"CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.","severity":"Medium","published":"2019-12-19","updated":"2020-01-30","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225"],"references":["http://seclists.org/fulldisclosure/2020/Mar/31","https://access.redhat.com/security/cve/cve-2019-19232","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870","https://security.netapp.com/advisory/ntap-20200103-0004/","https://support.apple.com/en-gb/HT211100","https://support.apple.com/kb/HT211100","https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232","https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506","https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html","https://www.oracle.com/security-alerts/bulletinapr2020.html","https://www.sudo.ws/devel.html#1.8.30b2","https://www.sudo.ws/stable.html","https://www.tenable.com/plugins/nessus/133936","https://nvd.nist.gov/vuln/detail/CVE-2019-19232","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-12588 affects rsyslog","id":"23506","firedtimes":64},"data":{"vulnerability":{"package":{"name":"rsyslog","version":"8.16.0-1ubuntu3.1","architecture":"amd64","condition":"Package less or equal than 8.27.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-12588","title":"The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.","severity":"Critical","published":"2017-08-06","updated":"2017-08-14","state":"Fixed","cwe_reference":"CWE-134","references":["https://github.com/rsyslog/rsyslog/blob/master/ChangeLog","https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b","https://github.com/rsyslog/rsyslog/pull/1565","https://nvd.nist.gov/vuln/detail/CVE-2017-12588"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-18342 affects python3-yaml","id":"23506","firedtimes":65},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.11-3build1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-18342","title":"CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.","severity":"Critical","published":"2018-06-27","updated":"2019-06-24","state":"Unfixed","cwe_reference":"CWE-20","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878"],"references":["https://github.com/marshmallow-code/apispec/issues/278","https://github.com/yaml/pyyaml/blob/master/CHANGES","https://github.com/yaml/pyyaml/issues/193","https://github.com/yaml/pyyaml/pull/74","https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/","https://security.gentoo.org/glsa/202003-45","https://nvd.nist.gov/vuln/detail/CVE-2017-18342","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15994 affects rsync","id":"23506","firedtimes":66},"data":{"vulnerability":{"package":{"name":"rsync","version":"3.1.1-3ubuntu1.3","architecture":"amd64","condition":"Package less or equal than 3.1.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15994","title":"rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.","severity":"Critical","published":"2017-10-29","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-354","references":["https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3","https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55","https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b","https://nvd.nist.gov/vuln/detail/CVE-2017-15994"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2019-9169 affects libc6","id":"23506","firedtimes":68},"data":{"vulnerability":{"package":{"name":"libc6","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2019-9169","title":"CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.","severity":"Critical","published":"2019-02-26","updated":"2019-04-16","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://sourceware.org/bugzilla/show_bug.cgi?id=24114"],"references":["http://www.securityfocus.com/bid/107160","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://kc.mcafee.com/corporate/index?page=content&id=SB10278","https://security.netapp.com/advisory/ntap-20190315-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=24114","https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9","https://support.f5.com/csp/article/K54823184","https://nvd.nist.gov/vuln/detail/CVE-2019-9169","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15088 affects krb5-locales","id":"23506","firedtimes":73},"data":{"vulnerability":{"package":{"name":"krb5-locales","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15088","title":"CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.","severity":"Critical","published":"2017-11-23","updated":"2019-10-09","state":"Unfixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698"],"references":["http://www.securityfocus.com/bid/101594","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698","https://bugzilla.redhat.com/show_bug.cgi?id=1504045","https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4","https://github.com/krb5/krb5/pull/707","https://nvd.nist.gov/vuln/detail/CVE-2017-15088","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2018-6485 affects libc-bin","id":"23506","firedtimes":78},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.26"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2018-6485","title":"CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.","severity":"Critical","published":"2018-02-01","updated":"2019-12-10","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["http://bugs.debian.org/878159","https://sourceware.org/bugzilla/show_bug.cgi?id=22343"],"references":["http://bugs.debian.org/878159","http://www.securityfocus.com/bid/102912","https://access.redhat.com/errata/RHBA-2019:0327","https://access.redhat.com/errata/RHSA-2018:3092","https://security.netapp.com/advisory/ntap-20190404-0003/","https://sourceware.org/bugzilla/show_bug.cgi?id=22343","https://usn.ubuntu.com/4218-1/","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://nvd.nist.gov/vuln/detail/CVE-2018-6485","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485","https://usn.ubuntu.com/usn/usn-4218-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7944 affects libxfixes3","id":"23506","firedtimes":82},"data":{"vulnerability":{"package":{"name":"libxfixes3","source":"libxfixes","version":"1:5.0.1-2","architecture":"amd64","condition":"Package less or equal than 5.0.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7944","title":"CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442"],"references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93361","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7944","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7947 affects libxrandr2","id":"23506","firedtimes":83},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7947","title":"CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93365","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7947","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7948 affects libxrandr2","id":"23506","firedtimes":84},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7948","title":"CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93373","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7948","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, + { + rule: { + level: 7, + description: 'CVE-2017-18018 affects coreutils', + id: '23504', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'coreutils', + version: '8.28-1ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'high', + availability: 'none', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2017-18018', + title: 'CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.', + severity: 'Medium', + published: '2018-01-04', + updated: '2018-01-19', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18018', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html', + 'http://www.openwall.com/lists/oss-security/2018/01/04/3', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects imagemagick', + id: '23504', + firedtimes: 2, + }, + data: { + vulnerability: { + package: { + name: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects libmagickcore-6.q16-3', + id: '23504', + firedtimes: 5, + }, + data: { + vulnerability: { + package: { + name: 'libmagickcore-6.q16-3', + source: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-18684 affects sudo', + id: '23504', + firedtimes: 87, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.21p2-3ubuntu1.2', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '6.900000', + }, + }, + cve: 'CVE-2019-18684', + title: + '** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.', + severity: 'Medium', + published: '2019-11-04', + updated: '2019-11-08', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18684', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20482 affects tar', + id: '23504', + firedtimes: 88, + }, + data: { + vulnerability: { + package: { + name: 'tar', + version: '1.29b-2ubuntu0.1', + architecture: 'amd64', + condition: 'Package less or equal than 1.30', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2018-20482', + title: 'CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).", + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-835', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1662346', + ], + references: [ + 'http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454', + 'http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html', + 'http://www.securityfocus.com/bid/106354', + 'https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html', + 'https://news.ycombinator.com/item?id=18745431', + 'https://security.gentoo.org/glsa/201903-05', + 'https://twitter.com/thatcks/status/1076166645708668928', + 'https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20482', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2015-2987 affects ed', + id: '23503', + firedtimes: 9, + }, + data: { + vulnerability: { + package: { + name: 'ed', + version: '1.10-2.1', + architecture: 'amd64', + condition: 'Package less or equal than 3.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.600000', + }, + }, + cve: 'CVE-2015-2987', + title: + 'Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.', + severity: 'Low', + published: '2015-08-28', + updated: '2015-08-31', + state: 'Fixed', + cwe_reference: 'CWE-17', + references: [ + 'http://jvn.jp/en/jp/JVN91474878/index.html', + 'http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119', + 'http://type74.org/edman5-1.php', + 'http://type74org.blog14.fc2.com/blog-entry-1384.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-2987', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-8769 affects elfutils', + id: '23505', + firedtimes: 45, + }, + data: { + vulnerability: { + package: { + name: 'elfutils', + version: '0.170-0.4ubuntu0.1', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-8769', + title: + 'elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.', + severity: 'High', + published: '2018-03-18', + updated: '2019-10-03', + state: 'Pending confirmation', + cwe_reference: 'CWE-125', + references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22976', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8769', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects libc-bin', + id: '23503', + firedtimes: 12, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects multiarch-support', + id: '23503', + firedtimes: 17, + }, + data: { + vulnerability: { + package: { + name: 'multiarch-support', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects libsqlite3-0', + id: '23503', + firedtimes: 18, + }, + data: { + vulnerability: { + package: { + name: 'libsqlite3-0', + source: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects sqlite3', + id: '23503', + firedtimes: 19, + }, + data: { + vulnerability: { + package: { + name: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects passwd', + id: '23503', + firedtimes: 21, + }, + data: { + vulnerability: { + package: { + name: 'passwd', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1003010 affects git', + id: '23504', + firedtimes: 162, + }, + data: { + vulnerability: { + package: { + name: 'git', + version: '1:2.17.1-1ubuntu0.7', + architecture: 'amd64', + condition: 'Package less or equal than 3.9.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2019-1003010', + title: + 'A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.', + severity: 'Medium', + published: '2019-02-06', + updated: '2019-04-26', + state: 'Fixed', + cwe_reference: 'CWE-352', + references: [ + 'https://access.redhat.com/errata/RHBA-2019:0326', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1003010', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-9366 affects screen', + id: '23505', + firedtimes: 77, + }, + data: { + vulnerability: { + package: { + name: 'screen', + version: '4.6.2-1ubuntu1', + architecture: 'amd64', + condition: 'Package less than 4.8.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2020-9366', + title: + 'A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.', + severity: 'High', + published: '2020-02-24', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'http://www.openwall.com/lists/oss-security/2020/02/25/1', + 'https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html', + 'https://security.gentoo.org/glsa/202003-62', + 'https://www.openwall.com/lists/oss-security/2020/02/06/3', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-9366', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-15847 affects gcc', + id: '23505', + firedtimes: 86, + }, + data: { + vulnerability: { + package: { + name: 'gcc', + source: 'gcc-defaults', + version: '4:7.4.0-1ubuntu2.3', + architecture: 'amd64', + condition: 'Package less than 10.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-15847', + title: 'CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.', + severity: 'High', + published: '2019-09-02', + updated: '2020-05-26', + state: 'Fixed', + cwe_reference: 'CWE-331', + bugzilla_references: [ + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html', + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-15847', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-14988 affects libopenexr22', + id: '23504', + firedtimes: 189, + }, + data: { + vulnerability: { + package: { + name: 'libopenexr22', + source: 'openexr', + version: '2.2.0-11.1ubuntu1.2', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-14988', + title: + "** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.", + severity: 'Medium', + published: '2017-10-03', + updated: '2019-09-23', + state: 'Pending confirmation', + cwe_reference: 'CWE-400', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html', + 'https://github.com/openexr/openexr/issues/248', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-14988', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2', + id: '23504', + firedtimes: 190, + }, + data: { + vulnerability: { + package: { + name: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-bin', + id: '23504', + firedtimes: 191, + }, + data: { + vulnerability: { + package: { + name: 'apache2-bin', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-data', + id: '23504', + firedtimes: 192, + }, + data: { + vulnerability: { + package: { + name: 'apache2-data', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-utils', + id: '23504', + firedtimes: 193, + }, + data: { + vulnerability: { + package: { + name: 'apache2-utils', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-client', + id: '23504', + firedtimes: 197, + }, + data: { + vulnerability: { + package: { + name: 'openssh-client', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-server', + id: '23504', + firedtimes: 198, + }, + data: { + vulnerability: { + package: { + name: 'openssh-server', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17595 affects ncurses-base', + id: '23504', + firedtimes: 222, + }, + data: { + vulnerability: { + package: { + name: 'ncurses-base', + source: 'ncurses', + version: '6.1-1ubuntu1.18.04', + architecture: 'all', + condition: 'Package less than 6.1.20191012', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2019-17595', + title: 'CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-12-23', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17595', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17543 affects liblz4-1', + id: '23504', + firedtimes: 244, + }, + data: { + vulnerability: { + package: { + name: 'liblz4-1', + source: 'lz4', + version: '0.0~r131-2ubuntu2', + architecture: 'amd64', + condition: 'Package less than 1.9.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17543', + title: 'CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-24', + state: 'Fixed', + cwe_reference: 'CWE-120', + bugzilla_references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html', + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2', + 'https://github.com/lz4/lz4/issues/801', + 'https://github.com/lz4/lz4/pull/756', + 'https://github.com/lz4/lz4/pull/760', + 'https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17543', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20217 affects libkrb5-3', + id: '23504', + firedtimes: 254, + }, + data: { + vulnerability: { + package: { + name: 'libkrb5-3', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'single', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '3.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-20217', + title: 'CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.', + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Unfixed', + cwe_reference: 'CWE-617', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387', + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + ], + references: [ + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + 'https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086', + 'https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/', + 'https://security.netapp.com/advisory/ntap-20190416-0006/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20217', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-14036 affects accountsservice', + id: '23504', + firedtimes: 256, + }, + data: { + vulnerability: { + package: { + name: 'accountsservice', + version: '0.6.40-2ubuntu11.3', + architecture: 'amd64', + condition: 'Package less than 0.6.50', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'single', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '4', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '6.500000', + }, + }, + cve: 'CVE-2018-14036', + title: 'CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.', + severity: 'Medium', + published: '2018-07-13', + updated: '2018-09-06', + state: 'Fixed', + cwe_reference: 'CWE-22', + bugzilla_references: [ + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2018/07/02/2', + 'http://www.securityfocus.com/bid/104757', + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + 'https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-14036', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-7244 affects libpcre3', + id: '23504', + firedtimes: 265, + }, + data: { + vulnerability: { + package: { + name: 'libpcre3', + source: 'pcre3', + version: '2:8.38-3.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-7244', + title: 'CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.', + severity: 'Medium', + published: '2017-03-23', + updated: '2018-08-17', + state: 'Unfixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683', + 'https://bugs.exim.org/show_bug.cgi?id=2052', + 'https://bugs.exim.org/show_bug.cgi?id=2054', + ], + references: [ + 'http://www.securityfocus.com/bid/97067', + 'https://access.redhat.com/errata/RHSA-2018:2486', + 'https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/', + 'https://security.gentoo.org/glsa/201710-25', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-7244', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-8631 affects grub-legacy-ec2', + id: '23503', + firedtimes: 32, + }, + data: { + vulnerability: { + package: { + name: 'grub-legacy-ec2', + source: 'cloud-init', + version: '19.4-33-gbb4131a2-0ubuntu1~16.04.1', + architecture: 'all', + condition: 'Package less or equal than 19.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2020-8631', + title: 'CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.', + severity: 'Low', + published: '2020-02-05', + updated: '2020-02-21', + state: 'Fixed', + cwe_reference: 'CWE-330', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html', + 'https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795', + 'https://github.com/canonical/cloud-init/pull/204', + 'https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-8631', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-20079 affects vim', + id: '23505', + firedtimes: 109, + }, + data: { + vulnerability: { + package: { + name: 'vim', + version: '2:7.4.1689-3ubuntu1.4', + architecture: 'amd64', + condition: 'Package less than 8.1.2136', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-20079', + title: + 'The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.', + severity: 'High', + published: '2019-12-30', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421', + 'https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136', + 'https://packetstormsecurity.com/files/154898', + 'https://usn.ubuntu.com/4309-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-20079', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-4484 affects cryptsetup', + id: '23504', + firedtimes: 290, + }, + data: { + vulnerability: { + package: { + name: 'cryptsetup', + version: '2:1.6.6-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package less or equal than 2.1.7.3-2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2016-4484', + title: 'CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.', + severity: 'Medium', + published: '2017-01-23', + updated: '2017-01-26', + state: 'Fixed', + cwe_reference: 'CWE-287', + bugzilla_references: ['https://launchpad.net/bugs/1660701'], + references: [ + 'http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html', + 'http://www.openwall.com/lists/oss-security/2016/11/14/13', + 'http://www.openwall.com/lists/oss-security/2016/11/15/1', + 'http://www.openwall.com/lists/oss-security/2016/11/15/4', + 'http://www.openwall.com/lists/oss-security/2016/11/16/6', + 'http://www.securityfocus.com/bid/94315', + 'https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-4484', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-13050 affects gnupg', + id: '23505', + firedtimes: 114, + }, + data: { + vulnerability: { + package: { + name: 'gnupg', + version: '1.4.20-1ubuntu3.3', + architecture: 'amd64', + condition: 'Package less or equal than 2.2.16', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-13050', + title: 'CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.', + severity: 'High', + published: '2019-06-29', + updated: '2019-07-09', + state: 'Fixed', + cwe_reference: 'CWE-297', + bugzilla_references: [ + 'https://bugs.launchpad.net/bugs/1844059', + 'https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050', + 'https://dev.gnupg.org/T4591', + 'https://dev.gnupg.org/T4607', + 'https://dev.gnupg.org/T4628', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html', + 'https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html', + 'https://support.f5.com/csp/article/K08654551', + 'https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS', + 'https://twitter.com/lambdafu/status/1147162583969009664', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-13050', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects mount', + id: '23505', + firedtimes: 128, + }, + data: { + vulnerability: { + package: { + name: 'mount', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects util-linux', + id: '23505', + firedtimes: 129, + }, + data: { + vulnerability: { + package: { + name: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects uuid-runtime', + id: '23505', + firedtimes: 130, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1547 affects libssl1.0.0', + id: '23503', + firedtimes: 35, + }, + data: { + vulnerability: { + package: { + name: 'libssl1.0.0', + source: 'openssl', + version: '1.0.2g-1ubuntu4.15', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.0.2 and less or equal than 1.0.2s', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '1.900000', + }, + }, + cve: 'CVE-2019-1547', + title: 'CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).', + severity: 'Low', + published: '2019-09-10', + updated: '2019-09-12', + state: 'Fixed', + cwe_reference: 'CWE-311', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html', + 'http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html', + 'https://arxiv.org/abs/1909.01785', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a', + 'https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/', + 'https://seclists.org/bugtraq/2019/Oct/0', + 'https://seclists.org/bugtraq/2019/Oct/1', + 'https://seclists.org/bugtraq/2019/Sep/25', + 'https://security.gentoo.org/glsa/201911-04', + 'https://security.netapp.com/advisory/ntap-20190919-0002/', + 'https://security.netapp.com/advisory/ntap-20200122-0002/', + 'https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS', + 'https://www.debian.org/security/2019/dsa-4539', + 'https://www.debian.org/security/2019/dsa-4540', + 'https://www.openssl.org/news/secadv/20190910.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1547', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547', + 'https://usn.ubuntu.com/usn/usn-4376-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-3843 affects systemd', + id: '23505', + firedtimes: 134, + }, + data: { + vulnerability: { + package: { + name: 'systemd', + version: '229-4ubuntu21.27', + architecture: 'amd64', + condition: 'Package less than 242', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '4.600000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2019-3843', + title: + 'It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.', + severity: 'High', + published: '2019-04-26', + updated: '2019-06-19', + state: 'Fixed', + cwe_reference: 'CWE-264', + references: [ + 'http://www.securityfocus.com/bid/108116', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/', + 'https://security.netapp.com/advisory/ntap-20190619-0002/', + 'https://usn.ubuntu.com/4269-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-3843', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-11727 affects thunderbird', + id: '23504', + firedtimes: 312, + }, + data: { + vulnerability: { + package: { + name: 'thunderbird', + version: '1:68.8.0+build2-0ubuntu0.16.04.2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2019-11727', + title: 'CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-07-30', + state: 'Unfixed', + cwe_reference: 'CWE-295', + bugzilla_references: [ + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html', + 'https://access.redhat.com/errata/RHSA-2019:1951', + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + 'https://security.gentoo.org/glsa/201908-12', + 'https://www.mozilla.org/security/advisories/mfsa2019-21/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-11727', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727', + 'https://usn.ubuntu.com/usn/usn-4054-1', + 'https://usn.ubuntu.com/usn/usn-4060-1', + 'https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-18276 affects bash', + id: '23505', + firedtimes: 158, + }, + data: { + vulnerability: { + package: { + name: 'bash', + version: '4.3-14ubuntu1.4', + architecture: 'amd64', + condition: 'Package less or equal than 5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + }, + cve: 'CVE-2019-18276', + title: 'CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.', + severity: 'High', + published: '2019-11-28', + updated: '2020-04-30', + state: 'Fixed', + cwe_reference: 'CWE-273', + bugzilla_references: [ + 'https://bugzilla.suse.com/show_bug.cgi?id=1158028', + ], + references: [ + 'http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html', + 'https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff', + 'https://security.netapp.com/advisory/ntap-20200430-0003/', + 'https://www.youtube.com/watch?v=-wGtxJ8opa8', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18276', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-9502 affects curl', + id: '23504', + firedtimes: 334, + }, + data: { + vulnerability: { + package: { + name: 'curl', + version: '7.47.0-1ubuntu2.14', + architecture: 'amd64', + condition: 'Package less or equal than 7.54.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'low', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2017-9502', + title: + 'In curl before 7.54.1 on Windows and DOS, libcurl\'s default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given "URL" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string "file://").', + severity: 'Medium', + published: '2017-06-14', + updated: '2017-07-08', + state: 'Fixed', + cwe_reference: 'CWE-119', + references: [ + 'http://openwall.com/lists/oss-security/2017/06/14/1', + 'http://www.securityfocus.com/bid/99120', + 'http://www.securitytracker.com/id/1038697', + 'https://curl.haxx.se/docs/adv_20170614.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-9502', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-20483 affects wget', + id: '23505', + firedtimes: 175, + }, + data: { + vulnerability: { + package: { + name: 'wget', + version: '1.17.1-1ubuntu1.5', + architecture: 'amd64', + condition: 'Package less than 1.20.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-20483', + title: + "set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.", + severity: 'High', + published: '2018-12-26', + updated: '2019-04-09', + state: 'Fixed', + cwe_reference: 'CWE-255', + references: [ + 'http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS', + 'http://www.securityfocus.com/bid/106358', + 'https://access.redhat.com/errata/RHSA-2019:3701', + 'https://security.gentoo.org/glsa/201903-08', + 'https://security.netapp.com/advisory/ntap-20190321-0002/', + 'https://twitter.com/marcan42/status/1077676739877232640', + 'https://usn.ubuntu.com/3943-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20483', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1010204 affects binutils', + id: '23504', + firedtimes: 369, + }, + data: { + vulnerability: { + package: { + name: 'binutils', + version: '2.26.1-1ubuntu1~16.04.8', + architecture: 'amd64', + condition: + 'Package greater or equal than 2.21 and less or equal than 2.31.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2019-1010204', + title: 'CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-08-22', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + ], + references: [ + 'https://security.netapp.com/advisory/ntap-20190822-0001/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + 'https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1010204', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-14855 affects dirmngr', + id: '23504', + firedtimes: 382, + }, + data: { + vulnerability: { + package: { + name: 'dirmngr', + source: 'gnupg2', + version: '2.1.11-6ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-14855', + title: 'CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.', + severity: 'Medium', + published: '2020-03-20', + updated: '2020-03-24', + state: 'Unfixed', + cwe_reference: 'CWE-327', + bugzilla_references: ['https://dev.gnupg.org/T4755'], + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855', + 'https://dev.gnupg.org/T4755', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html', + 'https://rwc.iacr.org/2020/slides/Leurent.pdf', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-14855', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855', + 'https://eprint.iacr.org/2020/014.pdf', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-5011 affects uuid-runtime', + id: '23504', + firedtimes: 395, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'complete', + }, + base_score: '4.700000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2016-5011', + title: 'CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.', + severity: 'Medium', + published: '2017-04-11', + updated: '2017-04-17', + state: 'Unfixed', + cwe_reference: 'CWE-399', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1349536', + ], + references: [ + 'http://rhn.redhat.com/errata/RHSA-2016-2605.html', + 'http://www.openwall.com/lists/oss-security/2016/07/11/2', + 'http://www.securityfocus.com/bid/91683', + 'http://www.securitytracker.com/id/1036272', + 'http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543', + 'http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801', + 'https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-5011', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2015-5191 affects open-vm-tools', + id: '23504', + firedtimes: 396, + }, + data: { + vulnerability: { + package: { + name: 'open-vm-tools', + version: '2:10.2.0-3~ubuntu0.16.04.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.700000', + }, + }, + cve: 'CVE-2015-5191', + title: 'CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H', + severity: 'Medium', + published: '2017-07-28', + updated: '2017-08-08', + state: 'Unfixed', + cwe_reference: 'CWE-362', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633', + ], + references: [ + 'http://www.securityfocus.com/bid/100011', + 'http://www.securitytracker.com/id/1039013', + 'https://www.vmware.com/security/advisories/VMSA-2017-0013.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-5191', + 'http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-8975 affects netpbm', + id: '23504', + firedtimes: 397, + }, + data: { + vulnerability: { + package: { + name: 'netpbm', + source: 'netpbm-free', + version: '2:10.0-15.3', + architecture: 'amd64', + condition: 'Package less or equal than 10.81.03', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2018-8975', + title: + 'The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.', + severity: 'Medium', + published: '2018-03-25', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-125', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html', + 'https://github.com/xiaoqx/pocs/blob/master/netpbm', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8975', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-19232 affects sudo', + id: '23504', + firedtimes: 398, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.16-0ubuntu1.9', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-19232', + title: 'CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + '** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.', + severity: 'Medium', + published: '2019-12-19', + updated: '2020-01-30', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225', + ], + references: [ + 'http://seclists.org/fulldisclosure/2020/Mar/31', + 'https://access.redhat.com/security/cve/cve-2019-19232', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870', + 'https://security.netapp.com/advisory/ntap-20200103-0004/', + 'https://support.apple.com/en-gb/HT211100', + 'https://support.apple.com/kb/HT211100', + 'https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232', + 'https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506', + 'https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html', + 'https://www.oracle.com/security-alerts/bulletinapr2020.html', + 'https://www.sudo.ws/devel.html#1.8.30b2', + 'https://www.sudo.ws/stable.html', + 'https://www.tenable.com/plugins/nessus/133936', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19232', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-12588 affects rsyslog', + id: '23506', + firedtimes: 64, + }, + data: { + vulnerability: { + package: { + name: 'rsyslog', + version: '8.16.0-1ubuntu3.1', + architecture: 'amd64', + condition: 'Package less or equal than 8.27.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-12588', + title: + 'The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.', + severity: 'Critical', + published: '2017-08-06', + updated: '2017-08-14', + state: 'Fixed', + cwe_reference: 'CWE-134', + references: [ + 'https://github.com/rsyslog/rsyslog/blob/master/ChangeLog', + 'https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b', + 'https://github.com/rsyslog/rsyslog/pull/1565', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-12588', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-18342 affects python3-yaml', + id: '23506', + firedtimes: 65, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.11-3build1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-18342', + title: 'CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + "In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.", + severity: 'Critical', + published: '2018-06-27', + updated: '2019-06-24', + state: 'Unfixed', + cwe_reference: 'CWE-20', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878', + ], + references: [ + 'https://github.com/marshmallow-code/apispec/issues/278', + 'https://github.com/yaml/pyyaml/blob/master/CHANGES', + 'https://github.com/yaml/pyyaml/issues/193', + 'https://github.com/yaml/pyyaml/pull/74', + 'https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/', + 'https://security.gentoo.org/glsa/202003-45', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18342', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15994 affects rsync', + id: '23506', + firedtimes: 66, + }, + data: { + vulnerability: { + package: { + name: 'rsync', + version: '3.1.1-3ubuntu1.3', + architecture: 'amd64', + condition: 'Package less or equal than 3.1.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15994', + title: + 'rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.', + severity: 'Critical', + published: '2017-10-29', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-354', + references: [ + 'https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3', + 'https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55', + 'https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15994', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2019-9169 affects libc6', + id: '23506', + firedtimes: 68, + }, + data: { + vulnerability: { + package: { + name: 'libc6', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2019-9169', + title: 'CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.', + severity: 'Critical', + published: '2019-02-26', + updated: '2019-04-16', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + ], + references: [ + 'http://www.securityfocus.com/bid/107160', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://kc.mcafee.com/corporate/index?page=content&id=SB10278', + 'https://security.netapp.com/advisory/ntap-20190315-0002/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9', + 'https://support.f5.com/csp/article/K54823184', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-9169', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15088 affects krb5-locales', + id: '23506', + firedtimes: 73, + }, + data: { + vulnerability: { + package: { + name: 'krb5-locales', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15088', + title: 'CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.', + severity: 'Critical', + published: '2017-11-23', + updated: '2019-10-09', + state: 'Unfixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + ], + references: [ + 'http://www.securityfocus.com/bid/101594', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1504045', + 'https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4', + 'https://github.com/krb5/krb5/pull/707', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15088', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2018-6485 affects libc-bin', + id: '23506', + firedtimes: 78, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.26', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2018-6485', + title: 'CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.', + severity: 'Critical', + published: '2018-02-01', + updated: '2019-12-10', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'http://bugs.debian.org/878159', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + ], + references: [ + 'http://bugs.debian.org/878159', + 'http://www.securityfocus.com/bid/102912', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://access.redhat.com/errata/RHSA-2018:3092', + 'https://security.netapp.com/advisory/ntap-20190404-0003/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + 'https://usn.ubuntu.com/4218-1/', + 'https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-6485', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485', + 'https://usn.ubuntu.com/usn/usn-4218-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7944 affects libxfixes3', + id: '23506', + firedtimes: 82, + }, + data: { + vulnerability: { + package: { + name: 'libxfixes3', + source: 'libxfixes', + version: '1:5.0.1-2', + architecture: 'amd64', + condition: 'Package less or equal than 5.0.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7944', + title: 'CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93361', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7944', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7947 affects libxrandr2', + id: '23506', + firedtimes: 83, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7947', + title: 'CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93365', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7947', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7948 affects libxrandr2', + id: '23506', + firedtimes: 84, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7948', + title: 'CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93373', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7948', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, ]; From 5f81622270d71f214aaa9ebe5f0aba5f4e82631b Mon Sep 17 00:00:00 2001 From: Antonio <34042064+Desvelao@users.noreply.github.com> Date: Thu, 29 Aug 2024 12:51:27 +0200 Subject: [PATCH 07/11] Keep the appState filters on refreshing page (#6950) fix(modules): keep the appState filters on refreshing page --- .../public/components/overview/overview.tsx | 13 ++++- .../main/public/utils/migrate_legacy_query.ts | 50 +++++++++++++++++++ 2 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 plugins/main/public/utils/migrate_legacy_query.ts diff --git a/plugins/main/public/components/overview/overview.tsx b/plugins/main/public/components/overview/overview.tsx index f8f36df351..12476ad0a7 100644 --- a/plugins/main/public/components/overview/overview.tsx +++ b/plugins/main/public/components/overview/overview.tsx @@ -26,6 +26,8 @@ import { } from '../../services/resolves'; import { useRouterSearch } from '../common/hooks'; import NavigationService from '../../react-services/navigation-service'; +import { cloneDeep } from 'lodash'; +import { migrateLegacyQuery } from '../../utils/migrate_legacy_query'; export const Overview: React.FC = withRouteResolvers({ enableMenu, @@ -56,7 +58,7 @@ export const Overview: React.FC = withRouteResolvers({ const appStateFromUrl = osdUrlStateStorage.get('_a') as AppState; let initialAppState = { - ...data.query.queryString.getDefaultQuery(), + query: migrateLegacyQuery(data.query.queryString.getDefaultQuery()), ...appStateFromUrl, }; const appStateContainer = createStateContainer(initialAppState); @@ -80,6 +82,15 @@ export const Overview: React.FC = withRouteResolvers({ stateStorage: osdUrlStateStorage, }); + // sync initial app filters from state to filterManager + // https://github.com/opensearch-project/OpenSearch-Dashboards/blob/2.13.0/src/plugins/dashboard/public/application/utils/use/use_dashboard_app_state.tsx#L84-L86 + data.query.filterManager.setAppFilters( + cloneDeep(appStateContainer.getState().filters), + ); + data.query.queryString.setQuery( + migrateLegacyQuery(appStateContainer.getState().query), + ); + const stopSyncingQueryAppStateWithStateContainer = connectToQueryState( data.query, appStateContainer, diff --git a/plugins/main/public/utils/migrate_legacy_query.ts b/plugins/main/public/utils/migrate_legacy_query.ts new file mode 100644 index 0000000000..d3f9eefcfe --- /dev/null +++ b/plugins/main/public/utils/migrate_legacy_query.ts @@ -0,0 +1,50 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Any modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { has } from 'lodash'; +import { Query } from 'src/plugins/data/public'; + +/** + * Creates a standardized query object from old queries that were either strings or pure OpenSearch query DSL + * + * @param query - a legacy query, what used to be stored in SearchSource's query property + * @return Object + */ + +export function migrateLegacyQuery( + query: Query | { [key: string]: any } | string, +): Query { + // Lucene was the only option before, so language-less queries are all lucene + if (!has(query, 'language')) { + return { query, language: 'lucene' }; + } + + return query as Query; +} From 21816235bd87c353dc19bbe692cf2c301280ea30 Mon Sep 17 00:00:00 2001 From: Antonio <34042064+Desvelao@users.noreply.github.com> Date: Fri, 30 Aug 2024 10:13:11 +0200 Subject: [PATCH 08/11] Bump 4.9.0 rev 07 RC2 (#6953) change: bump 4.9.0 rev 07 --- CHANGELOG.md | 2 +- plugins/main/opensearch_dashboards.json | 2 +- plugins/main/package.json | 2 +- plugins/wazuh-check-updates/opensearch_dashboards.json | 2 +- plugins/wazuh-check-updates/package.json | 2 +- plugins/wazuh-core/opensearch_dashboards.json | 2 +- plugins/wazuh-core/package.json | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 26c83e141d..9ea87aa5f0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ All notable changes to the Wazuh app project will be documented in this file. -## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 06 +## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 07 ### Added diff --git a/plugins/main/opensearch_dashboards.json b/plugins/main/opensearch_dashboards.json index 36affcc5f6..c129285f0a 100644 --- a/plugins/main/opensearch_dashboards.json +++ b/plugins/main/opensearch_dashboards.json @@ -1,6 +1,6 @@ { "id": "wazuh", - "version": "4.9.0-06", + "version": "4.9.0-07", "opensearchDashboardsVersion": "opensearchDashboards", "configPath": ["wazuh"], "requiredPlugins": [ diff --git a/plugins/main/package.json b/plugins/main/package.json index 2fe1f3edcd..e8bfb4e24b 100644 --- a/plugins/main/package.json +++ b/plugins/main/package.json @@ -1,7 +1,7 @@ { "name": "wazuh", "version": "4.9.0", - "revision": "06", + "revision": "07", "pluginPlatform": { "version": "2.13.0" }, diff --git a/plugins/wazuh-check-updates/opensearch_dashboards.json b/plugins/wazuh-check-updates/opensearch_dashboards.json index a5aba3869e..1cd3742816 100644 --- a/plugins/wazuh-check-updates/opensearch_dashboards.json +++ b/plugins/wazuh-check-updates/opensearch_dashboards.json @@ -1,6 +1,6 @@ { "id": "wazuhCheckUpdates", - "version": "4.9.0-06", + "version": "4.9.0-07", "opensearchDashboardsVersion": "opensearchDashboards", "server": true, "ui": true, diff --git a/plugins/wazuh-check-updates/package.json b/plugins/wazuh-check-updates/package.json index d4b88c3dff..b98560bccf 100644 --- a/plugins/wazuh-check-updates/package.json +++ b/plugins/wazuh-check-updates/package.json @@ -1,7 +1,7 @@ { "name": "wazuh-check-updates", "version": "4.9.0", - "revision": "06", + "revision": "07", "pluginPlatform": { "version": "2.13.0" }, diff --git a/plugins/wazuh-core/opensearch_dashboards.json b/plugins/wazuh-core/opensearch_dashboards.json index b66f983eb8..20ce325a77 100644 --- a/plugins/wazuh-core/opensearch_dashboards.json +++ b/plugins/wazuh-core/opensearch_dashboards.json @@ -1,6 +1,6 @@ { "id": "wazuhCore", - "version": "4.9.0-06", + "version": "4.9.0-07", "opensearchDashboardsVersion": "opensearchDashboards", "server": true, "ui": true, diff --git a/plugins/wazuh-core/package.json b/plugins/wazuh-core/package.json index 8362430b63..5ca056f12b 100644 --- a/plugins/wazuh-core/package.json +++ b/plugins/wazuh-core/package.json @@ -1,7 +1,7 @@ { "name": "wazuh-core", "version": "4.9.0", - "revision": "06", + "revision": "07", "pluginPlatform": { "version": "2.13.0" }, From 4494d16e0ed0891eca6aa45ebe1786e62f86c0e9 Mon Sep 17 00:00:00 2001 From: JuanGarriuz Date: Mon, 2 Sep 2024 12:12:31 +0200 Subject: [PATCH 09/11] Improve intelligence flyout details readability (#6954) * Get details darker * Added changelog * Update CHANGELOG --- CHANGELOG.md | 1 + .../overview/mitre/intelligence/resource_detail_flyout.tsx | 7 ++----- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 95f10cbcfb..89fda37cfc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ All notable changes to the Wazuh app project will be documented in this file. ### Changed - Upgraded the `axios` dependency to `1.7.4` [#6919](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6919) +- Improved MITRE ATT&CK intelligence flyout details readability [#6954](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6954) ## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 05 diff --git a/plugins/main/public/components/overview/mitre/intelligence/resource_detail_flyout.tsx b/plugins/main/public/components/overview/mitre/intelligence/resource_detail_flyout.tsx index 57299494f8..590f852b5b 100644 --- a/plugins/main/public/components/overview/mitre/intelligence/resource_detail_flyout.tsx +++ b/plugins/main/public/components/overview/mitre/intelligence/resource_detail_flyout.tsx @@ -16,10 +16,7 @@ import { MitreAttackResources } from './resources'; import { ReferencesTable } from './resource_detail_references_table'; import { - EuiFlyout, EuiFlyoutHeader, - EuiOverlayMask, - EuiOutsideClickDetector, EuiTitle, EuiText, EuiFlexGroup, @@ -64,7 +61,7 @@ export const ModuleMitreAttackIntelligenceFlyout = ({
{detailProperty.label}
- + {detailProperty.render ? detailProperty.render(details[detailProperty.id]) : details[detailProperty.id]} @@ -79,7 +76,7 @@ export const ModuleMitreAttackIntelligenceFlyout = ({
Description
- + {details.description ? ( ) : ( From 60dcc23fdcf01e3d1705ced54e512f37f5129309 Mon Sep 17 00:00:00 2001 From: Maximiliano Ibarra <6089438+Machi3mfl@users.noreply.github.com> Date: Mon, 2 Sep 2024 16:54:14 -0300 Subject: [PATCH 10/11] Removed agent RBAC filters from dashboard queries (#6945) * Fix 4.9.0 changelog (#6933) * Fix 4.9.0 changelog * Remove 6519 reverted pull request * Bump 4.9.0 rev 06 RC1 (#6934) * Bump 4.9.0 revision 06 RC1 * Format * Remove allowed agents filter in data source * Remove getAuthorizedAgent no authorization * Remove allowedAgents from app state * Remove useAllowedAgents hook * Remove allowed agents related actions * Remove allowed agents in reporting * Apply prettier * Remove allowed agents * Fix unit test * Revert CHANGELOG * Update CHANGELOG --------- Co-authored-by: Federico Rodriguez --- CHANGELOG.md | 4 + .../data-source/hooks/use-data-source.test.ts | 221 +++++------ ...pattern-data-source-filter-manager.test.ts | 22 -- .../pattern-data-source-filter-manager.ts | 58 --- .../pattern-data-source-selector.test.ts | 355 +++++++++--------- .../pattern/pattern-data-source.ts | 6 +- .../public/components/common/hooks/index.ts | 1 - .../common/hooks/useAllowedAgents.ts | 23 -- .../main/public/react-services/wz-agents.ts | 27 -- .../react-services/wz-authentication.ts | 11 - .../public/redux/actions/appStateActions.js | 11 - .../public/redux/reducers/appStateReducers.js | 8 - .../server/controllers/wazuh-reporting.ts | 7 - .../server/lib/reporting/audit-request.ts | 9 +- .../main/server/lib/reporting/base-query.ts | 10 +- .../lib/reporting/extended-information.ts | 28 -- .../main/server/lib/reporting/gdpr-request.ts | 6 +- .../server/lib/reporting/overview-request.ts | 11 +- .../main/server/lib/reporting/pci-request.ts | 6 +- .../server/lib/reporting/rootcheck-request.ts | 9 +- .../lib/reporting/summary-table.test.ts | 2 - .../server/lib/reporting/summary-table.ts | 15 +- .../server/lib/reporting/syscheck-request.ts | 28 +- .../main/server/lib/reporting/tsc-request.ts | 6 +- .../lib/reporting/vulnerability-request.ts | 23 +- 25 files changed, 333 insertions(+), 574 deletions(-) delete mode 100644 plugins/main/public/components/common/hooks/useAllowedAgents.ts diff --git a/CHANGELOG.md b/CHANGELOG.md index 90a450bb82..cb56195b56 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,10 @@ All notable changes to the Wazuh app project will be documented in this file. - Changed the registration id of the Settings application for compatibility with Opensearch Dashboard 2.16.0 [#6938](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6938) +### Removed + +- Removed agent RBAC filters from dashboard queries [#6945](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6945) + ## Wazuh v4.9.1 - OpenSearch Dashboards 2.13.0 - Revision 00 ### Added diff --git a/plugins/main/public/components/common/data-source/hooks/use-data-source.test.ts b/plugins/main/public/components/common/data-source/hooks/use-data-source.test.ts index e1d27f5616..700060835a 100644 --- a/plugins/main/public/components/common/data-source/hooks/use-data-source.test.ts +++ b/plugins/main/public/components/common/data-source/hooks/use-data-source.test.ts @@ -1,129 +1,130 @@ import { useDataSource } from './use-data-source'; import { renderHook } from '@testing-library/react-hooks'; -import { - tDataSourceRepository, - tFilter, - PatternDataSource, - tParsedIndexPattern +import { + tDataSourceRepository, + tFilter, + PatternDataSource, + tParsedIndexPattern, } from '../index'; -import { IndexPatternsService, IndexPattern } from '../../../../../../../src/plugins/data/common'; +import { + IndexPatternsService, + IndexPattern, +} from '../../../../../../../src/plugins/data/common'; jest.mock('../../../../kibana-services', () => ({ - ...(jest.requireActual('../../../../kibana-services') as object), - getDataPlugin: () => ({ - // mock indexPatterns getter - indexPatterns: { - get: jest.fn().mockResolvedValue({ - fields: { - replaceAll: jest.fn(), - map: jest.fn().mockReturnValue([]), - }, - getScriptedFields: jest.fn().mockReturnValue([]), - }), - getFieldsForIndexPattern: jest.fn().mockResolvedValue([]), - updateSavedObject: jest.fn().mockResolvedValue({}), + ...(jest.requireActual('../../../../kibana-services') as object), + getDataPlugin: () => ({ + // mock indexPatterns getter + indexPatterns: { + get: jest.fn().mockResolvedValue({ + fields: { + replaceAll: jest.fn(), + map: jest.fn().mockReturnValue([]), }, - query: { - filterManager: { - getFilters: jest.fn().mockReturnValue([]), - setFilters: jest.fn(), - getUpdates$: jest.fn().mockReturnValue({ - subscribe: jest.fn() - }) - } - } - }), + getScriptedFields: jest.fn().mockReturnValue([]), + }), + getFieldsForIndexPattern: jest.fn().mockResolvedValue([]), + updateSavedObject: jest.fn().mockResolvedValue({}), + }, + query: { + filterManager: { + getFilters: jest.fn().mockReturnValue([]), + setFilters: jest.fn(), + getUpdates$: jest.fn().mockReturnValue({ + subscribe: jest.fn(), + }), + }, + }, + }), })); const mockedGetFilters = jest.fn().mockReturnValue([]); class DataSourceMocked implements PatternDataSource { - constructor(public id: string, public title: string) { - this.id = id; - this.title = title; - } - fields: any[]; - patternService: IndexPatternsService; - indexPattern: IndexPattern; - defaultFixedFilters: tFilter[]; - filters: tFilter[]; - init = jest.fn(); - select = jest.fn(); - fetch = jest.fn(); - getFilters = mockedGetFilters; - setFilters = jest.fn(); - getFields = mockedGetFilters - getFixedFilters = mockedGetFilters - getFetchFilters = mockedGetFilters - toJSON(): tParsedIndexPattern { - return { - id: this.id, - title: this.title, - } as tParsedIndexPattern; - } - getClusterManagerFilters = mockedGetFilters - getPinnedAgentFilter = mockedGetFilters - getExcludeManagerFilter = mockedGetFilters - getAllowAgentsFilter = mockedGetFilters + constructor(public id: string, public title: string) { + this.id = id; + this.title = title; + } + fields: any[]; + patternService: IndexPatternsService; + indexPattern: IndexPattern; + defaultFixedFilters: tFilter[]; + filters: tFilter[]; + init = jest.fn(); + select = jest.fn(); + fetch = jest.fn(); + getFilters = mockedGetFilters; + setFilters = jest.fn(); + getFields = mockedGetFilters; + getFixedFilters = mockedGetFilters; + getFetchFilters = mockedGetFilters; + toJSON(): tParsedIndexPattern { + return { + id: this.id, + title: this.title, + } as tParsedIndexPattern; + } + getClusterManagerFilters = mockedGetFilters; + getPinnedAgentFilter = mockedGetFilters; + getExcludeManagerFilter = mockedGetFilters; } class ExampleRepository implements tDataSourceRepository { - getDefault = jest.fn(); - setDefault = jest.fn(); - get = jest.fn(); - getAll = jest.fn(); + getDefault = jest.fn(); + setDefault = jest.fn(); + get = jest.fn(); + getAll = jest.fn(); } describe('useDataSource hook', () => { + it('shoudl throw ERROR when the repository is not defined', () => { + try { + renderHook(() => + useDataSource({ + DataSource: DataSourceMocked, + repository: undefined as any, + }), + ); + } catch (error) { + expect(error).toBeDefined(); + expect(error.message).toBe('DataSource and repository are required'); + } + }); - it('shoudl throw ERROR when the repository is not defined', () => { - - try { - renderHook(() => useDataSource({ - DataSource: DataSourceMocked, - repository: undefined as any - })); - } catch(error){ - expect(error).toBeDefined(); - expect(error.message).toBe('DataSource and repository are required'); - } - - }) - - it('should throw ERROR when the DataSource is not defined', () => { - - try { - renderHook(() => useDataSource({ - DataSource: undefined as any, - repository: new ExampleRepository() - })); - } catch(error){ - expect(error).toBeDefined(); - expect(error.message).toBe('DataSource and repository are required'); - } - - }) - - // FIXME: - it.skip('should initialize the hook with only receiving the dataSource and repository', async () => { - const repository = new ExampleRepository(); - const indexMocked = { - id: 'test', - title: 'Test' - } - jest.spyOn(repository, 'getAll').mockResolvedValueOnce([indexMocked]); - jest.spyOn(repository, 'getDefault').mockResolvedValueOnce(indexMocked); - const { result, waitForNextUpdate } = renderHook(() => useDataSource({ - DataSource: DataSourceMocked, - repository - })); - // wait for the promise to resolve - await waitForNextUpdate(); - expect(result.current.isLoading).toBeFalsy(); - expect(result.current.dataSource).toBeDefined(); - expect(result.current.dataSource?.id).toBe('test'); - expect(result.current.dataSource?.title).toBe('Test'); - }) - + it('should throw ERROR when the DataSource is not defined', () => { + try { + renderHook(() => + useDataSource({ + DataSource: undefined as any, + repository: new ExampleRepository(), + }), + ); + } catch (error) { + expect(error).toBeDefined(); + expect(error.message).toBe('DataSource and repository are required'); + } + }); -}) + // FIXME: + it.skip('should initialize the hook with only receiving the dataSource and repository', async () => { + const repository = new ExampleRepository(); + const indexMocked = { + id: 'test', + title: 'Test', + }; + jest.spyOn(repository, 'getAll').mockResolvedValueOnce([indexMocked]); + jest.spyOn(repository, 'getDefault').mockResolvedValueOnce(indexMocked); + const { result, waitForNextUpdate } = renderHook(() => + useDataSource({ + DataSource: DataSourceMocked, + repository, + }), + ); + // wait for the promise to resolve + await waitForNextUpdate(); + expect(result.current.isLoading).toBeFalsy(); + expect(result.current.dataSource).toBeDefined(); + expect(result.current.dataSource?.id).toBe('test'); + expect(result.current.dataSource?.title).toBe('Test'); + }); +}); diff --git a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.test.ts b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.test.ts index c1fe0a2e26..37e4374817 100644 --- a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.test.ts +++ b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.test.ts @@ -80,7 +80,6 @@ class DataSourceMocked implements PatternDataSource { getClusterManagerFilters = mockedGetFilters; getPinnedAgentFilter = mockedGetFilters; getExcludeManagerFilter = mockedGetFilters; - getAllowAgentsFilter = mockedGetFilters; } const createFilter = (id: string, value: string, index: string): tFilter => { @@ -374,27 +373,6 @@ describe('PatternDataSourceFilterManager', () => { expect(filter.length).toBe(0); }); - it('should return the filters to fetch the data merging the filters stored and the allowed agents filter', () => { - (store.getState as jest.Mock).mockReturnValue({ - appStateReducers: { - allowedAgents: ['001'], - }, - }); - const filter = - PatternDataSourceFilterManager.getAllowAgentsFilter('index-title'); - expect(filter.length).toBe(1); - expect(filter[0].meta.controlledBy).toBe(AUTHORIZED_AGENTS); - }); - - it('should return the filters to fetch the data merging the filters stored without the allowed agents filter when is not defined', () => { - (store.getState as jest.Mock).mockReturnValue({ - appStateReducers: {}, - }); - const filter = - PatternDataSourceFilterManager.getAllowAgentsFilter('index-title'); - expect(filter.length).toBe(0); - }); - // FIXME: it.skip('should return the fixed filters merged with the pinned agent filter when correspond', () => { // mock store.getState diff --git a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts index 90e13ac255..dc7c55130f 100644 --- a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts +++ b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts @@ -40,47 +40,6 @@ export function getFilterExcludeManager(indexPatternId: string) { }; } -/** - * Get the filter that restrict the search to the allowed agents - * @param agentsIds - * @param indexPatternId - * @returns - */ -export function getFilterAllowedAgents( - agentsIds: string[], - indexPatternId: string, -) { - const field = AGENT_ID_KEY; - return { - meta: { - index: indexPatternId, - type: 'phrases', - key: field, - value: agentsIds.toString(), - params: agentsIds, - alias: null, - negate: false, - disabled: false, - controlledBy: AUTHORIZED_AGENTS, - }, - query: { - bool: { - should: agentsIds.map(id => { - return { - match_phrase: { - [field]: id, - }, - }; - }), - minimum_should_match: 1, - }, - }, - $state: { - store: 'appState', - }, - }; -} - export enum FILTER_OPERATOR { IS = 'is', IS_NOT = 'is not', @@ -359,23 +318,6 @@ export class PatternDataSourceFilterManager return []; } - /** - * Return the allowed agents related to the user permissions to read data from agents in the - API server - */ - static getAllowAgentsFilter(indexPatternId: string): tFilter[] { - const allowedAgents = - store.getState().appStateReducers?.allowedAgents || []; - if (allowedAgents.length > 0) { - const allowAgentsFilter = getFilterAllowedAgents( - allowedAgents, - indexPatternId, - ) as tFilter; - return [allowAgentsFilter]; - } - return []; - } - /******************************************************************/ /********************** FILTERS FACTORY ***************************/ /******************************************************************/ diff --git a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-selector.test.ts b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-selector.test.ts index 6e5f5599c6..8721b8e8eb 100644 --- a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-selector.test.ts +++ b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-selector.test.ts @@ -1,188 +1,201 @@ -import { IndexPatternsService, IndexPattern } from '../../../../../../../src/plugins/data/public'; import { - tDataSourceSelector, - tDataSourceRepository, - tParsedIndexPattern, - PatternDataSourceSelector, - PatternDataSource, - tFilter + IndexPatternsService, + IndexPattern, +} from '../../../../../../../src/plugins/data/public'; +import { + tDataSourceSelector, + tDataSourceRepository, + tParsedIndexPattern, + PatternDataSourceSelector, + PatternDataSource, + tFilter, } from '../index'; - const mockedGetFilters = jest.fn().mockReturnValue([]); class DataSourceMocked implements PatternDataSource { - constructor(public id: string, public title: string) { - this.id = id; - this.title = title; - } - fields: any[]; - patternService: IndexPatternsService; - indexPattern: IndexPattern; - defaultFixedFilters: tFilter[]; - filters: tFilter[]; - init = jest.fn(); - select = jest.fn(); - fetch = jest.fn(); - getFilters = mockedGetFilters; - setFilters = jest.fn(); - getFields = mockedGetFilters - getFixedFilters = mockedGetFilters - getFetchFilters = mockedGetFilters - toJSON(): tParsedIndexPattern { - return { - id: this.id, - title: this.title, - } as tParsedIndexPattern; - } - getClusterManagerFilters = mockedGetFilters - getPinnedAgentFilter = mockedGetFilters - getExcludeManagerFilter = mockedGetFilters - getAllowAgentsFilter = mockedGetFilters + constructor(public id: string, public title: string) { + this.id = id; + this.title = title; + } + fields: any[]; + patternService: IndexPatternsService; + indexPattern: IndexPattern; + defaultFixedFilters: tFilter[]; + filters: tFilter[]; + init = jest.fn(); + select = jest.fn(); + fetch = jest.fn(); + getFilters = mockedGetFilters; + setFilters = jest.fn(); + getFields = mockedGetFilters; + getFixedFilters = mockedGetFilters; + getFetchFilters = mockedGetFilters; + toJSON(): tParsedIndexPattern { + return { + id: this.id, + title: this.title, + } as tParsedIndexPattern; + } + getClusterManagerFilters = mockedGetFilters; + getPinnedAgentFilter = mockedGetFilters; + getExcludeManagerFilter = mockedGetFilters; } class ExampleRepository implements tDataSourceRepository { - getDefault = jest.fn(); - setDefault = jest.fn(); - get = jest.fn(); - getAll = jest.fn(); + getDefault = jest.fn(); + setDefault = jest.fn(); + get = jest.fn(); + getAll = jest.fn(); } const createListPatternsMocked = (qty: number) => { - const list: DataSourceMocked[] = []; - for (let i = 0; i < qty; i++) { - list.push(new DataSourceMocked(`id ${i.toString()}`, `title ${i}`)); - } - return list; -} + const list: DataSourceMocked[] = []; + for (let i = 0; i < qty; i++) { + list.push(new DataSourceMocked(`id ${i.toString()}`, `title ${i}`)); + } + return list; +}; let repository = new ExampleRepository(); let mockedList = createListPatternsMocked(3); describe('PatternDataSourceSelector', () => { - - afterEach(() => { - jest.clearAllMocks(); - }) - - describe('constructor', () => { - it('should return ERROR when the selector not receive a repository', () => { - try { - new PatternDataSourceSelector(mockedList, null as any); - } catch (error) { - expect(error.message).toBe('Data source repository is required'); - } - }) - - it('should return ERROR when the selector not receive a valid repository', () => { - try { - new PatternDataSourceSelector([], new ExampleRepository()); - } catch (error) { - expect(error.message).toBe('Data sources list is required'); - } - }) - - }) - - describe('existsDataSource', () => { - it('should return TRUE when the data source exists', async () => { - jest.spyOn(repository, 'get').mockResolvedValue({ id: '1', name: 'DataSource 1' }); - const selector = new PatternDataSourceSelector(mockedList, repository); - const result = await selector.existsDataSource('1'); - expect(result).toBe(true); - expect(repository.get).toHaveBeenCalledTimes(1); - }); - - it('should return FALSE when the data source does not exist', async () => { - jest.spyOn(repository, 'get').mockResolvedValue(null); - const selector = new PatternDataSourceSelector(mockedList, repository); - const result = await selector.existsDataSource('fake-id'); - expect(result).toBe(false); - expect(repository.get).toHaveBeenCalledTimes(1); - }); - - it('should throw ERROR when not receive an id', async () => { - jest.spyOn(repository, 'get').mockResolvedValue(null); - try { - let selector = new PatternDataSourceSelector(mockedList, repository); - await selector.existsDataSource(null as any); - }catch(error){ - expect(error.message).toBe('Error checking data source. ID is required'); - } - }); - }) - - describe('getFirstValidDataSource', () => { - it('should return the first valid data source from the repository', async () => { - jest.spyOn(repository, 'get').mockResolvedValueOnce(null).mockResolvedValueOnce(true); - let selector = new PatternDataSourceSelector(mockedList,repository); - const result = await selector.getFirstValidDataSource(); - expect(result).toEqual(mockedList[1]); - expect(repository.get).toHaveBeenCalledTimes(2); - }); - - it('should throw an error when no valid data source is found', async () => { - jest.spyOn(repository, 'get').mockResolvedValueOnce(null).mockResolvedValueOnce(null).mockResolvedValueOnce(null); - let selector = new PatternDataSourceSelector(mockedList,repository); - try { - await selector.getFirstValidDataSource(); - } catch (error) { - expect(error.message).toBe('No valid data sources found'); - } - }); - }) - - describe('getAllDataSources', () => { - it('should return all data sources from the repository when the map is empty', async () => { - let selector = new PatternDataSourceSelector(mockedList,repository); - const result = await selector.getAllDataSources(); - expect(result).toEqual(mockedList); - }); - }) - - describe('getDataSource', () => { - - it('should return the selected data source from the repository', async () => { - jest.spyOn(repository, 'getDefault').mockResolvedValue(mockedList[0]); - let selector = new PatternDataSourceSelector(mockedList,repository); - const result = await selector.getSelectedDataSource(); - expect(result.id).toEqual(mockedList[0].id); - expect(repository.getDefault).toHaveBeenCalledTimes(1); - }); - - it('should return the first data source when the repository does not have a selected data source', async () => { - jest.spyOn(repository, 'getDefault').mockResolvedValue(null); - let selector = new PatternDataSourceSelector(mockedList,repository); - // mock spyon existsDataSource method to return 2 times differents values - jest.spyOn(selector, 'existsDataSource').mockResolvedValueOnce(false).mockResolvedValueOnce(true); - jest.spyOn(selector, 'selectDataSource').mockResolvedValue(); - const result = await selector.getSelectedDataSource(); - expect(result.id).toEqual(mockedList[1].id); - expect(repository.getDefault).toHaveBeenCalledTimes(1); - expect(selector.existsDataSource).toHaveBeenCalledTimes(2); - expect(selector.selectDataSource).toHaveBeenCalledTimes(1); - }) - - }) - - describe('selectDataSource', () => { - - it('should select a data source by ID when exists', async () => { - jest.spyOn(repository, 'setDefault').mockResolvedValue(true); - let selector = new PatternDataSourceSelector(mockedList,repository); - await selector.selectDataSource('id 1'); - expect(repository.setDefault).toHaveBeenCalledTimes(1); - expect(repository.setDefault).toHaveBeenCalledWith({ id: 'id 1', title: 'title 1' }); - }); - - it('should throw an error when selecting a non-existing data source', async () => { - jest.spyOn(repository, 'getAll').mockResolvedValue([]); - try { - let selector = new PatternDataSourceSelector(mockedList,repository); - await selector.selectDataSource('fake id'); - } catch (error) { - expect(error.message).toBe('Data source not found'); - } - }); - }) -}) \ No newline at end of file + afterEach(() => { + jest.clearAllMocks(); + }); + + describe('constructor', () => { + it('should return ERROR when the selector not receive a repository', () => { + try { + new PatternDataSourceSelector(mockedList, null as any); + } catch (error) { + expect(error.message).toBe('Data source repository is required'); + } + }); + + it('should return ERROR when the selector not receive a valid repository', () => { + try { + new PatternDataSourceSelector([], new ExampleRepository()); + } catch (error) { + expect(error.message).toBe('Data sources list is required'); + } + }); + }); + + describe('existsDataSource', () => { + it('should return TRUE when the data source exists', async () => { + jest + .spyOn(repository, 'get') + .mockResolvedValue({ id: '1', name: 'DataSource 1' }); + const selector = new PatternDataSourceSelector(mockedList, repository); + const result = await selector.existsDataSource('1'); + expect(result).toBe(true); + expect(repository.get).toHaveBeenCalledTimes(1); + }); + + it('should return FALSE when the data source does not exist', async () => { + jest.spyOn(repository, 'get').mockResolvedValue(null); + const selector = new PatternDataSourceSelector(mockedList, repository); + const result = await selector.existsDataSource('fake-id'); + expect(result).toBe(false); + expect(repository.get).toHaveBeenCalledTimes(1); + }); + + it('should throw ERROR when not receive an id', async () => { + jest.spyOn(repository, 'get').mockResolvedValue(null); + try { + let selector = new PatternDataSourceSelector(mockedList, repository); + await selector.existsDataSource(null as any); + } catch (error) { + expect(error.message).toBe( + 'Error checking data source. ID is required', + ); + } + }); + }); + + describe('getFirstValidDataSource', () => { + it('should return the first valid data source from the repository', async () => { + jest + .spyOn(repository, 'get') + .mockResolvedValueOnce(null) + .mockResolvedValueOnce(true); + let selector = new PatternDataSourceSelector(mockedList, repository); + const result = await selector.getFirstValidDataSource(); + expect(result).toEqual(mockedList[1]); + expect(repository.get).toHaveBeenCalledTimes(2); + }); + + it('should throw an error when no valid data source is found', async () => { + jest + .spyOn(repository, 'get') + .mockResolvedValueOnce(null) + .mockResolvedValueOnce(null) + .mockResolvedValueOnce(null); + let selector = new PatternDataSourceSelector(mockedList, repository); + try { + await selector.getFirstValidDataSource(); + } catch (error) { + expect(error.message).toBe('No valid data sources found'); + } + }); + }); + + describe('getAllDataSources', () => { + it('should return all data sources from the repository when the map is empty', async () => { + let selector = new PatternDataSourceSelector(mockedList, repository); + const result = await selector.getAllDataSources(); + expect(result).toEqual(mockedList); + }); + }); + + describe('getDataSource', () => { + it('should return the selected data source from the repository', async () => { + jest.spyOn(repository, 'getDefault').mockResolvedValue(mockedList[0]); + let selector = new PatternDataSourceSelector(mockedList, repository); + const result = await selector.getSelectedDataSource(); + expect(result.id).toEqual(mockedList[0].id); + expect(repository.getDefault).toHaveBeenCalledTimes(1); + }); + + it('should return the first data source when the repository does not have a selected data source', async () => { + jest.spyOn(repository, 'getDefault').mockResolvedValue(null); + let selector = new PatternDataSourceSelector(mockedList, repository); + // mock spyon existsDataSource method to return 2 times differents values + jest + .spyOn(selector, 'existsDataSource') + .mockResolvedValueOnce(false) + .mockResolvedValueOnce(true); + jest.spyOn(selector, 'selectDataSource').mockResolvedValue(); + const result = await selector.getSelectedDataSource(); + expect(result.id).toEqual(mockedList[1].id); + expect(repository.getDefault).toHaveBeenCalledTimes(1); + expect(selector.existsDataSource).toHaveBeenCalledTimes(2); + expect(selector.selectDataSource).toHaveBeenCalledTimes(1); + }); + }); + + describe('selectDataSource', () => { + it('should select a data source by ID when exists', async () => { + jest.spyOn(repository, 'setDefault').mockResolvedValue(true); + let selector = new PatternDataSourceSelector(mockedList, repository); + await selector.selectDataSource('id 1'); + expect(repository.setDefault).toHaveBeenCalledTimes(1); + expect(repository.setDefault).toHaveBeenCalledWith({ + id: 'id 1', + title: 'title 1', + }); + }); + + it('should throw an error when selecting a non-existing data source', async () => { + jest.spyOn(repository, 'getAll').mockResolvedValue([]); + try { + let selector = new PatternDataSourceSelector(mockedList, repository); + await selector.selectDataSource('fake id'); + } catch (error) { + expect(error.message).toBe('Data source not found'); + } + }); + }); +}); diff --git a/plugins/main/public/components/common/data-source/pattern/pattern-data-source.ts b/plugins/main/public/components/common/data-source/pattern/pattern-data-source.ts index 0301a3aee2..ef2bfb4fd7 100644 --- a/plugins/main/public/components/common/data-source/pattern/pattern-data-source.ts +++ b/plugins/main/public/components/common/data-source/pattern/pattern-data-source.ts @@ -40,7 +40,7 @@ export class PatternDataSource implements tDataSource { } getFetchFilters(): tFilter[] { - return [...this.getAllowAgentsFilter(), ...this.getExcludeManagerFilter()]; + return [...this.getExcludeManagerFilter()]; } async select() { @@ -122,10 +122,6 @@ export class PatternDataSource implements tDataSource { return PatternDataSourceFilterManager.getPinnedAgentFilter(this.id); } - getAllowAgentsFilter(): tFilter[] { - return PatternDataSourceFilterManager.getAllowAgentsFilter(this.id); - } - getExcludeManagerFilter(): tFilter[] { return PatternDataSourceFilterManager.getExcludeManagerFilter(this.id); } diff --git a/plugins/main/public/components/common/hooks/index.ts b/plugins/main/public/components/common/hooks/index.ts index 97e9aca234..35f7245307 100644 --- a/plugins/main/public/components/common/hooks/index.ts +++ b/plugins/main/public/components/common/hooks/index.ts @@ -18,7 +18,6 @@ export * from './use-time-filter'; export * from './useWindowSize'; export * from './useUserPermissions'; export * from './use-user-is-admin'; -export * from './useAllowedAgents'; export * from './useApiRequest'; export * from './use-app-config'; export * from './use_async_action'; diff --git a/plugins/main/public/components/common/hooks/useAllowedAgents.ts b/plugins/main/public/components/common/hooks/useAllowedAgents.ts deleted file mode 100644 index a4f4e878db..0000000000 --- a/plugins/main/public/components/common/hooks/useAllowedAgents.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Wazuh app - React hooks to manage allowed users - * Copyright (C) 2015-2022 Wazuh, Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * Find more information about this on the LICENSE file. - */ - -import { useSelector } from 'react-redux'; -import { getFilterWithAuthorizedAgents } from '../../../react-services/filter-authorization-agents'; - -// It returns user allowed agents -export const useAllowedAgents = () => { - const allowedAgents = useSelector( - state => state.appStateReducers.allowedAgents, - ); - const filterAllowedAgents = getFilterWithAuthorizedAgents(allowedAgents); - return { allowedAgents, filterAllowedAgents }; -}; diff --git a/plugins/main/public/react-services/wz-agents.ts b/plugins/main/public/react-services/wz-agents.ts index 5c0a5a4c83..d2a6b8a37d 100644 --- a/plugins/main/public/react-services/wz-agents.ts +++ b/plugins/main/public/react-services/wz-agents.ts @@ -34,30 +34,3 @@ export function hasAgentSupportModule(agent, component) { const agentOSType = getAgentOSType(agent); return !UnsupportedComponents[agentOSType].includes(component); } - -export async function getAuthorizedAgents() { - try { - const params = { limit: 500 }; - const output: IApiResponse<{ id: string }> = await WzRequest.apiReq('GET', `/agents`, {}); - const totalItems = (((output || {}).data || {}).data || {}).total_affected_items; - let itemsArray = []; - if (totalItems && output.data && output.data.data && totalItems > 500) { - params.offset = 0; - itemsArray.push(...output.data.data.affected_items); - while (itemsArray.length < totalItems && params.offset < totalItems) { - params.offset += params.limit; - const tmpData: IApiResponse<{ id: string }> = await WzRequest.apiReq('GET', `/agents`, { - params: params, - }); - itemsArray.push(...tmpData.data.data.affected_items); - } - const allowedAgents = itemsArray ? itemsArray.map((agent) => agent.id) : []; - return allowedAgents; - } else { - const allowedAgents = output ? output.data.data.affected_items.map((agent) => agent.id) : []; - return allowedAgents; - } - } catch (error) { - throw error; - } -} diff --git a/plugins/main/public/react-services/wz-authentication.ts b/plugins/main/public/react-services/wz-authentication.ts index 83138bdf7b..fb167e7143 100644 --- a/plugins/main/public/react-services/wz-authentication.ts +++ b/plugins/main/public/react-services/wz-authentication.ts @@ -17,12 +17,10 @@ import store from '../redux/store'; import { updateUserPermissions, updateWithUserLogged, - updateAllowedAgents, updateUserAccount, } from '../redux/actions/appStateActions'; import { UI_LOGGER_LEVELS } from '../../common/constants'; import { getWazuhCorePlugin } from '../kibana-services'; -import { getAuthorizedAgents } from '../react-services/wz-agents'; import { UI_ERROR_SEVERITIES, UIErrorLog, @@ -83,15 +81,6 @@ export class WzAuthentication { // Get user Policies const userPolicies = await WzAuthentication.getUserPolicies(); - //Get allowed agents for the current user - let allowedAgents: any = []; - if (WzAuthentication.userHasAgentsPermissions(userPolicies)) { - allowedAgents = await getAuthorizedAgents(); - // users without read:agent police should not view info about any agent - allowedAgents = allowedAgents.length ? allowedAgents : ['-1']; - } - store.dispatch(updateAllowedAgents(allowedAgents)); - // Dispatch actions to set permissions and administrator consideration store.dispatch(updateUserPermissions(userPolicies)); diff --git a/plugins/main/public/redux/actions/appStateActions.js b/plugins/main/public/redux/actions/appStateActions.js index 899da9772a..5597068474 100644 --- a/plugins/main/public/redux/actions/appStateActions.js +++ b/plugins/main/public/redux/actions/appStateActions.js @@ -153,17 +153,6 @@ export const updateWithUserLogged = withUserLogged => { }; }; -/** - * Updates allowedAgents in the appState store - * @param allowedAgents - */ -export const updateAllowedAgents = allowedAgents => { - return { - type: 'GET_ALLOWED_AGENTS', - allowedAgents, - }; -}; - /** * Updates logtestToken in the appState store * @param logtestToken diff --git a/plugins/main/public/redux/reducers/appStateReducers.js b/plugins/main/public/redux/reducers/appStateReducers.js index fe583948ff..1c567af90a 100644 --- a/plugins/main/public/redux/reducers/appStateReducers.js +++ b/plugins/main/public/redux/reducers/appStateReducers.js @@ -23,7 +23,6 @@ const initialState = { userPermissions: false, toastNotification: false, withUserLogged: false, - allowedAgents: [], logtestToken: '', userAccount: { administrator: false, @@ -113,13 +112,6 @@ const appStateReducers = (state = initialState, action) => { }; } - if (action.type === 'GET_ALLOWED_AGENTS') { - return { - ...state, - allowedAgents: action.allowedAgents, - }; - } - if (action.type === 'UPDATE_LOGTEST_TOKEN') { return { ...state, diff --git a/plugins/main/server/controllers/wazuh-reporting.ts b/plugins/main/server/controllers/wazuh-reporting.ts index e6362fbec2..80b573b582 100644 --- a/plugins/main/server/controllers/wazuh-reporting.ts +++ b/plugins/main/server/controllers/wazuh-reporting.ts @@ -369,7 +369,6 @@ export class WazuhReportingCtrl { new Date(from).getTime(), new Date(to).getTime(), serverSideQuery, - agentsFilter, indexPatternTitle || context.wazuh_core.configuration.getSettingValue('pattern'), agents, @@ -382,11 +381,6 @@ export class WazuhReportingCtrl { printer.addTables([...tables, ...(additionalTables || [])]); } - //add authorized agents - if (agentsFilter?.agentsText) { - printer.addAgentsFilters(agentsFilter.agentsText); - } - await printer.print(context.wazuhEndpointParams.pathFilename); return response.ok({ @@ -1301,7 +1295,6 @@ export class WazuhReportingCtrl { from, to, serverSideQuery, - agentsFilter, indexPatternTitle || context.wazuh_core.configuration.getSettingValue('pattern'), agentID, diff --git a/plugins/main/server/lib/reporting/audit-request.ts b/plugins/main/server/lib/reporting/audit-request.ts index ecd3d38432..2f58155e78 100644 --- a/plugins/main/server/lib/reporting/audit-request.ts +++ b/plugins/main/server/lib/reporting/audit-request.ts @@ -25,13 +25,12 @@ export const getTop3AgentsSudoNonSuccessful = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '3': { @@ -93,13 +92,12 @@ export const getTop3AgentsFailedSyscalls = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '3': { @@ -175,13 +173,12 @@ export const getTopFailedSyscalls = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { diff --git a/plugins/main/server/lib/reporting/base-query.ts b/plugins/main/server/lib/reporting/base-query.ts index 7e67e541d8..13fa7e8b9a 100644 --- a/plugins/main/server/lib/reporting/base-query.ts +++ b/plugins/main/server/lib/reporting/base-query.ts @@ -12,16 +12,16 @@ import { cloneDeep } from 'lodash'; -export function Base(pattern: string, filters: any, gte: number, lte: number, allowedAgentsFilter: any = null) { +export function Base(pattern: string, filters: any, gte: number, lte: number) { const clonedFilter = cloneDeep(filters); clonedFilter?.bool?.must?.push?.({ range: { timestamp: { gte: gte, lte: lte, - format: 'epoch_millis' - } - } + format: 'epoch_millis', + }, + }, }); const base = { from: 0, @@ -29,7 +29,7 @@ export function Base(pattern: string, filters: any, gte: number, lte: number, al aggs: {}, sort: [], script_fields: {}, - query: clonedFilter + query: clonedFilter, }; return base; diff --git a/plugins/main/server/lib/reporting/extended-information.ts b/plugins/main/server/lib/reporting/extended-information.ts index cc7938e234..cc0b57f556 100644 --- a/plugins/main/server/lib/reporting/extended-information.ts +++ b/plugins/main/server/lib/reporting/extended-information.ts @@ -144,7 +144,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, agent = null, ) { @@ -184,7 +183,6 @@ export async function extendedInformation( to, vulnerabilitiesLevel, filters, - allowedAgentsFilter, pattern, ); return count @@ -209,7 +207,6 @@ export async function extendedInformation( to, 'Low', filters, - allowedAgentsFilter, pattern, ); const mediumRank = await VulnerabilityRequest.topAgentCount( @@ -218,7 +215,6 @@ export async function extendedInformation( to, 'Medium', filters, - allowedAgentsFilter, pattern, ); const highRank = await VulnerabilityRequest.topAgentCount( @@ -227,7 +223,6 @@ export async function extendedInformation( to, 'High', filters, - allowedAgentsFilter, pattern, ); const criticalRank = await VulnerabilityRequest.topAgentCount( @@ -236,7 +231,6 @@ export async function extendedInformation( to, 'Critical', filters, - allowedAgentsFilter, pattern, ); printer.logger.debug( @@ -286,7 +280,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); printer.logger.debug('Adding overview vulnerability detector top 3 CVEs'); @@ -314,7 +307,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); @@ -336,7 +328,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); printer.logger.debug('Adding most common rootkits'); @@ -366,7 +357,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); hiddenPids && @@ -385,7 +375,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); hiddenPorts && @@ -409,7 +398,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); printer.addContentWithNewLine({ @@ -422,7 +410,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, item, pattern, ); @@ -460,7 +447,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); printer.addContentWithNewLine({ @@ -473,7 +459,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, item, pattern, ); @@ -511,7 +496,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); printer.addContentWithNewLine({ @@ -524,7 +508,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, item, pattern, ); @@ -566,7 +549,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); if (auditAgentsNonSuccess && auditAgentsNonSuccess.length) { @@ -582,7 +564,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); if (auditAgentsFailedSyscall && auditAgentsFailedSyscall.length) { @@ -613,7 +594,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); @@ -639,7 +619,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); @@ -664,7 +643,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); auditFailedSyscall && @@ -715,7 +693,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); @@ -736,7 +713,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, pattern, ); @@ -840,7 +816,6 @@ export async function extendedInformation( to, vulnerabilitiesLevel, filters, - allowedAgentsFilter, pattern, ); } catch (error) { @@ -878,7 +853,6 @@ export async function extendedInformation( to, 'Critical', filters, - allowedAgentsFilter, pattern, ); if (topCriticalPackages && topCriticalPackages.length) { @@ -910,7 +884,6 @@ export async function extendedInformation( to, 'High', filters, - allowedAgentsFilter, pattern, ); if (topHighPackages && topHighPackages.length) { @@ -945,7 +918,6 @@ export async function extendedInformation( from, to, filters, - allowedAgentsFilter, summaryTable, pattern, ); diff --git a/plugins/main/server/lib/reporting/gdpr-request.ts b/plugins/main/server/lib/reporting/gdpr-request.ts index 95a2810346..1513cf4664 100644 --- a/plugins/main/server/lib/reporting/gdpr-request.ts +++ b/plugins/main/server/lib/reporting/gdpr-request.ts @@ -24,13 +24,12 @@ export const topGDPRRequirements = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -70,14 +69,13 @@ export const getRulesByRequirement = async ( gte, lte, filters, - allowedAgentsFilter, requirement, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { diff --git a/plugins/main/server/lib/reporting/overview-request.ts b/plugins/main/server/lib/reporting/overview-request.ts index e18b85a8bf..6de20768ad 100644 --- a/plugins/main/server/lib/reporting/overview-request.ts +++ b/plugins/main/server/lib/reporting/overview-request.ts @@ -19,18 +19,11 @@ import { Base } from './base-query'; * @param {String} filters E.g: cluster.name: wazuh AND rule.groups: vulnerability * @returns {Array} E.g:['000','130','300'] */ -export const topLevel15 = async ( - context, - gte, - lte, - filters, - allowedAgentsFilter, - pattern, -) => { +export const topLevel15 = async (context, gte, lte, filters, pattern) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { diff --git a/plugins/main/server/lib/reporting/pci-request.ts b/plugins/main/server/lib/reporting/pci-request.ts index 51d470683c..99a818763c 100644 --- a/plugins/main/server/lib/reporting/pci-request.ts +++ b/plugins/main/server/lib/reporting/pci-request.ts @@ -24,13 +24,12 @@ export const topPCIRequirements = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -85,14 +84,13 @@ export const getRulesByRequirement = async ( gte, lte, filters, - allowedAgentsFilter, requirement, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { diff --git a/plugins/main/server/lib/reporting/rootcheck-request.ts b/plugins/main/server/lib/reporting/rootcheck-request.ts index f5d3577765..357251a678 100644 --- a/plugins/main/server/lib/reporting/rootcheck-request.ts +++ b/plugins/main/server/lib/reporting/rootcheck-request.ts @@ -24,14 +24,13 @@ export const top5RootkitsDetected = async ( gte, lte, filters, - allowedAgentsFilter, pattern, size = 5, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -82,13 +81,12 @@ export const agentsWithHiddenPids = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '1': { @@ -134,13 +132,12 @@ export const agentsWithHiddenPorts = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '1': { diff --git a/plugins/main/server/lib/reporting/summary-table.test.ts b/plugins/main/server/lib/reporting/summary-table.test.ts index 1629d5b234..720eedaca3 100644 --- a/plugins/main/server/lib/reporting/summary-table.test.ts +++ b/plugins/main/server/lib/reporting/summary-table.test.ts @@ -11,7 +11,6 @@ describe('Summary table', () => { 'now/1h', 'now', [], - [], summarySetup, 'pattern', ); @@ -106,7 +105,6 @@ describe('Summary table', () => { 'now/1h', 'now', [], - [], summarySetup, 'pattern', ); diff --git a/plugins/main/server/lib/reporting/summary-table.ts b/plugins/main/server/lib/reporting/summary-table.ts index 051f7491fe..561fa46540 100644 --- a/plugins/main/server/lib/reporting/summary-table.ts +++ b/plugins/main/server/lib/reporting/summary-table.ts @@ -17,15 +17,7 @@ interface SummarySetup { } export default class SummaryTable { - constructor( - context, - gte, - lte, - filters, - allowedAgentsFilter, - summarySetup: SummarySetup, - pattern, - ) { + constructor(context, gte, lte, filters, summarySetup: SummarySetup, pattern) { this._context = context; this._pattern = pattern; this._summarySetup = summarySetup; @@ -34,10 +26,7 @@ export default class SummaryTable { this._rows = []; this._title = summarySetup.title; - Object.assign( - this._base, - Base(pattern, filters, gte, lte, allowedAgentsFilter), - ); + Object.assign(this._base, Base(pattern, filters, gte, lte)); this._parseSummarySetup(summarySetup); } diff --git a/plugins/main/server/lib/reporting/syscheck-request.ts b/plugins/main/server/lib/reporting/syscheck-request.ts index d702a83aa8..07ae4c9536 100644 --- a/plugins/main/server/lib/reporting/syscheck-request.ts +++ b/plugins/main/server/lib/reporting/syscheck-request.ts @@ -19,18 +19,11 @@ import { Base } from './base-query'; * @param {String} filters E.g: cluster.name: wazuh AND rule.groups: vulnerability * @returns {Array} */ -export const top3agents = async ( - context, - gte, - lte, - filters, - allowedAgentsFilter, - pattern, -) => { +export const top3agents = async (context, gte, lte, filters, pattern) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -72,18 +65,11 @@ export const top3agents = async ( * @param {String} filters E.g: cluster.name: wazuh AND rule.groups: vulnerability * @returns {Array} */ -export const top3Rules = async ( - context, - gte, - lte, - filters, - allowedAgentsFilter, - pattern, -) => { +export const top3Rules = async (context, gte, lte, filters, pattern) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -140,13 +126,12 @@ export const lastTenDeletedFiles = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -194,13 +179,12 @@ export const lastTenModifiedFiles = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { diff --git a/plugins/main/server/lib/reporting/tsc-request.ts b/plugins/main/server/lib/reporting/tsc-request.ts index 44669489d4..502d3ba924 100644 --- a/plugins/main/server/lib/reporting/tsc-request.ts +++ b/plugins/main/server/lib/reporting/tsc-request.ts @@ -24,13 +24,12 @@ export const topTSCRequirements = async ( gte, lte, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -85,14 +84,13 @@ export const getRulesByRequirement = async ( gte, lte, filters, - allowedAgentsFilter, requirement, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { diff --git a/plugins/main/server/lib/reporting/vulnerability-request.ts b/plugins/main/server/lib/reporting/vulnerability-request.ts index 5402de6fcd..de254ec09b 100644 --- a/plugins/main/server/lib/reporting/vulnerability-request.ts +++ b/plugins/main/server/lib/reporting/vulnerability-request.ts @@ -26,13 +26,12 @@ export const topAgentCount = async ( lte, severity, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -74,18 +73,11 @@ export const topAgentCount = async ( * @param {String} filters E.g: cluster.name: wazuh AND rule.groups: vulnerability * @returns {Array} */ -export const topCVECount = async ( - context, - gte, - lte, - filters, - allowedAgentsFilter, - pattern, -) => { +export const topCVECount = async (context, gte, lte, filters, pattern) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -126,13 +118,12 @@ export const uniqueSeverityCount = async ( lte, severity, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '1': { @@ -172,13 +163,12 @@ export const topPackages = async ( lte, severity, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { @@ -222,13 +212,12 @@ export const topPackagesWithCVE = async ( lte, severity, filters, - allowedAgentsFilter, pattern, ) => { try { const base = {}; - Object.assign(base, Base(pattern, filters, gte, lte, allowedAgentsFilter)); + Object.assign(base, Base(pattern, filters, gte, lte)); Object.assign(base.aggs, { '2': { From 10dff41e52bed63285d19d09901aa13d259ebc79 Mon Sep 17 00:00:00 2001 From: Guido Modarelli <38738725+guidomodarelli@users.noreply.github.com> Date: Thu, 5 Sep 2024 10:54:43 -0300 Subject: [PATCH 11/11] refactor: Update malware detection group values in data sources (#6965) * refactor: Update malware detection group values in data sources * style: Fix missing semicolon and format code * chore: Refactor code style for consistent arrow functions * docs: Update malware detection group values in data sources --- CHANGELOG.md | 3 ++- .../malware-detection-data-source.ts | 17 +++++++++++------ .../pattern-data-source-filter-manager.ts | 2 +- 3 files changed, 14 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb56195b56..a79a0356ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ All notable changes to the Wazuh app project will be documented in this file. ### Changed +- Update malware detection group values in data sources [#6963](https://github.com/wazuh/wazuh-dashboard-plugins/issues/6963) - Changed the registration id of the Settings application for compatibility with Opensearch Dashboard 2.16.0 [#6938](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6938) ### Removed @@ -644,7 +645,7 @@ All notable changes to the Wazuh app project will be documented in this file. [#3367](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3367) [#3373](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3373) [#3374](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3374) - [#3390](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3390) + [#3390](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3390) [#3410](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3410) [#3408](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3408) [#3429](https://github.com/wazuh/wazuh-dashboard-plugins/pull/3429) diff --git a/plugins/main/public/components/common/data-source/pattern/alerts/malware-detection/malware-detection-data-source.ts b/plugins/main/public/components/common/data-source/pattern/alerts/malware-detection/malware-detection-data-source.ts index 4b5d0f7981..fec9e78153 100644 --- a/plugins/main/public/components/common/data-source/pattern/alerts/malware-detection/malware-detection-data-source.ts +++ b/plugins/main/public/components/common/data-source/pattern/alerts/malware-detection/malware-detection-data-source.ts @@ -1,9 +1,10 @@ import { tFilter } from '../../../index'; import { DATA_SOURCE_FILTER_CONTROLLED_MALWARE_DETECTION_RULE_GROUP } from '../../../../../../../common/constants'; import { AlertsDataSource } from '../alerts-data-source'; +import { FILTER_OPERATOR, PatternDataSourceFilterManager } from '../../..'; const MALWARE_DETECTION_GROUP_KEY = 'rule.groups'; -const MALWARE_DETECTION_GROUP_VALUE = 'rootcheck'; +const MALWARE_DETECTION_GROUP_VALUES = ['rootcheck', 'virustotal', 'yara']; export class MalwareDetectionDataSource extends AlertsDataSource { constructor(id: string, title: string) { @@ -11,11 +12,15 @@ export class MalwareDetectionDataSource extends AlertsDataSource { } getRuleGroupsFilter() { - return super.getRuleGroupsFilter( - MALWARE_DETECTION_GROUP_KEY, - MALWARE_DETECTION_GROUP_VALUE, - DATA_SOURCE_FILTER_CONTROLLED_MALWARE_DETECTION_RULE_GROUP, - ); + return [ + PatternDataSourceFilterManager.createFilter( + FILTER_OPERATOR.IS_ONE_OF, + MALWARE_DETECTION_GROUP_KEY, + MALWARE_DETECTION_GROUP_VALUES, + this.id, + DATA_SOURCE_FILTER_CONTROLLED_MALWARE_DETECTION_RULE_GROUP, + ), + ]; } getFixedFilters(): tFilter[] { diff --git a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts index dc7c55130f..f26282ad85 100644 --- a/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts +++ b/plugins/main/public/components/common/data-source/pattern/pattern-data-source-filter-manager.ts @@ -325,7 +325,7 @@ export class PatternDataSourceFilterManager static createFilter( type: FILTER_OPERATOR, key: string, - value: string | [], + value: string | string[], indexPatternId: string, controlledBy?: string, ) {