ID

VAR-202006-0946


CVE

CVE-2020-15358


TITLE

SQLite Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-007164

DESCRIPTION

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. SQLite Is vulnerable to out-of-bounds writes.Service operation interruption (DoS) It may be put into a state. SQLite is an open source embedded relational database management system based on C language developed by American D.Richard Hipp software developer. The system has the characteristics of independence, isolation and cross-platform. multiSelectOrderBy in versions prior to SQLite 3.32.3 has a buffer error vulnerability. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. Summary: An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Description: Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat OpenShift Container Storage 4.6.5 security and bug fix update Advisory ID: RHSA-2021:2479-01 Product: Red Hat OpenShift Container Storage Advisory URL: https://access.redhat.com/errata/RHSA-2021:2479 Issue date: 2021-06-17 CVE Names: CVE-2016-10228 CVE-2017-14502 CVE-2019-2708 CVE-2019-3842 CVE-2019-9169 CVE-2019-13012 CVE-2019-14866 CVE-2019-25013 CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2020-8927 CVE-2020-9948 CVE-2020-9951 CVE-2020-9983 CVE-2020-13434 CVE-2020-13543 CVE-2020-13584 CVE-2020-13776 CVE-2020-15358 CVE-2020-24977 CVE-2020-25659 CVE-2020-25678 CVE-2020-26116 CVE-2020-26137 CVE-2020-27618 CVE-2020-27619 CVE-2020-27783 CVE-2020-28196 CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 CVE-2020-36242 CVE-2021-3139 CVE-2021-3177 CVE-2021-3326 CVE-2021-3449 CVE-2021-3450 CVE-2021-3528 CVE-2021-20305 CVE-2021-23239 CVE-2021-23240 CVE-2021-23336 ==================================================================== 1. Summary: Updated images that fix one security issue and several bugs are now available for Red Hat OpenShift Container Storage 4.6.5 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API. Security Fix(es): * NooBaa: noobaa-operator leaking RPC AuthToken into log files (CVE-2021-3528) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Currently, a newly restored PVC cannot be mounted if some of the OpenShift Container Platform nodes are running on a version of Red Hat Enterprise Linux which is less than 8.2, and the snapshot from which the PVC was restored is deleted. Workaround: Do not delete the snapshot from which the PVC was restored until the restored PVC is deleted. (BZ#1962483) * Previously, the default backingstore was not created on AWS S3 when OpenShift Container Storage was deployed, due to incorrect identification of AWS S3. With this update, the default backingstore gets created when OpenShift Container Storage is deployed on AWS S3. (BZ#1927307) * Previously, log messages were printed to the endpoint pod log even if the debug option was not set. With this update, the log messages are printed to the endpoint pod log only when the debug option is set. (BZ#1938106) * Previously, the PVCs could not be provisioned as the `rook-ceph-mds` did not register the pod IP on the monitor servers, and hence every mount on the filesystem timed out, resulting in CephFS volume provisioning failure. With this update, an argument `--public-addr=podIP` is added to the MDS pod when the host network is not enabled, and hence the CephFS volume provisioning does not fail. (BZ#1949558) * Previously, OpenShift Container Storage 4.2 clusters were not updated with the correct cache value, and hence MDSs in standby-replay might report an oversized cache, as rook did not apply the `mds_cache_memory_limit` argument during upgrades. With this update, the `mds_cache_memory_limit` argument is applied during upgrades and the mds daemon operates normally. (BZ#1951348) * Previously, the coredumps were not generated in the correct location as rook was setting the config option `log_file` to an empty string since logging happened on stdout and not on the files, and hence Ceph read the value of the `log_file` to build the dump path. With this update, rook does not set the `log_file` and keeps Ceph's internal default, and hence the coredumps are generated in the correct location and are accessible under `/var/log/ceph/`. (BZ#1938049) * Previously, Ceph became inaccessible, as the mons lose quorum if a mon pod was drained while another mon was failing over. With this update, voluntary mon drains are prevented while a mon is failing over, and hence Ceph does not become inaccessible. (BZ#1946573) * Previously, the mon quorum was at risk, as the operator could erroneously remove the new mon if the operator was restarted during a mon failover. With this update, the operator completes the same mon failover after the operator is restarted, and hence the mon quorum is more reliable in the node drains and mon failover scenarios. (BZ#1959983) All users of Red Hat OpenShift Container Storage are advised to pull these new images from the Red Hat Container Registry. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 1938106 - [GSS][RFE]Reduce debug level for logs of Nooba Endpoint pod 1950915 - XSS Vulnerability with Noobaa version 5.5.0-3bacc6b 1951348 - [GSS][CephFS] health warning "MDS cache is too large (3GB/1GB); 0 inodes in use by clients, 0 stray files" for the standby-replay 1951600 - [4.6.z][Clone of BZ #1936545] setuid and setgid file bits are not retained after a OCS CephFS CSI restore 1955601 - CVE-2021-3528 NooBaa: noobaa-operator leaking RPC AuthToken into log files 1957189 - [Rebase] Use RHCS4.2z1 container image with OCS 4..6.5[may require doc update for external mode min supported RHCS version] 1959980 - When a node is being drained, increase the mon failover timeout to prevent unnecessary mon failover 1959983 - [GSS][mon] rook-operator scales mons to 4 after healthCheck timeout 1962483 - [RHEL7][RBD][4.6.z clone] FailedMount error when using restored PVC on app pod 5. References: https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2017-14502 https://access.redhat.com/security/cve/CVE-2019-2708 https://access.redhat.com/security/cve/CVE-2019-3842 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13012 https://access.redhat.com/security/cve/CVE-2019-14866 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2020-8231 https://access.redhat.com/security/cve/CVE-2020-8284 https://access.redhat.com/security/cve/CVE-2020-8285 https://access.redhat.com/security/cve/CVE-2020-8286 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9948 https://access.redhat.com/security/cve/CVE-2020-9951 https://access.redhat.com/security/cve/CVE-2020-9983 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-13543 https://access.redhat.com/security/cve/CVE-2020-13584 https://access.redhat.com/security/cve/CVE-2020-13776 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-24977 https://access.redhat.com/security/cve/CVE-2020-25659 https://access.redhat.com/security/cve/CVE-2020-25678 https://access.redhat.com/security/cve/CVE-2020-26116 https://access.redhat.com/security/cve/CVE-2020-26137 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27619 https://access.redhat.com/security/cve/CVE-2020-27783 https://access.redhat.com/security/cve/CVE-2020-28196 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2020-36242 https://access.redhat.com/security/cve/CVE-2021-3139 https://access.redhat.com/security/cve/CVE-2021-3177 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-3449 https://access.redhat.com/security/cve/CVE-2021-3450 https://access.redhat.com/security/cve/CVE-2021-3528 https://access.redhat.com/security/cve/CVE-2021-20305 https://access.redhat.com/security/cve/CVE-2021-23239 https://access.redhat.com/security/cve/CVE-2021-23240 https://access.redhat.com/security/cve/CVE-2021-23336 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. Bug Fix(es): * WMCO patch pub-key-hash annotation to Linux node (BZ#1945248) * LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath (BZ#1952917) * Telemetry info not completely available to identify windows nodes (BZ#1955319) * WMCO incorrectly shows node as ready after a failed configuration (BZ#1956412) * kube-proxy service terminated unexpectedly after recreated LB service (BZ#1963263) 3. Solution: For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/4.7/windows_containers/window s-node-upgrades.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1945248 - WMCO patch pub-key-hash annotation to Linux node 1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM 1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath 1955319 - Telemetry info not completely available to identify windows nodes 1956412 - WMCO incorrectly shows node as ready after a failed configuration 1963263 - kube-proxy service terminated unexpectedly after recreated LB service 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212147. Analytics Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2021-1761: Cees Elzinga APFS Available for: macOS Big Sur 11.0.1 Impact: A local user may be able to read arbitrary files Description: The issue was addressed with improved permissions logic. CVE-2021-1797: Thomas Tempelmann CFNetwork Cache Available for: macOS Catalina 10.15.7 and macOS Mojave 10.14.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An integer overflow was addressed with improved input validation. CVE-2020-27945: Zhuo Liang of Qihoo 360 Vulcan Team CoreAnimation Available for: macOS Big Sur 11.0.1 Impact: A malicious application could execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed with improved state management. CVE-2021-1760: @S0rryMybad of 360 Vulcan Team CoreAudio Available for: macOS Big Sur 11.0.1 Impact: Processing maliciously crafted web content may lead to code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-1747: JunDong Xie of Ant Security Light-Year Lab CoreGraphics Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1776: Ivan Fratric of Google Project Zero CoreMedia Available for: macOS Big Sur 11.0.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1759: Hou JingYi (@hjy79425575) of Qihoo 360 CERT CoreText Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A stack overflow was addressed with improved input validation. CVE-2021-1772: Mickey Jin of Trend Micro working with Trend Micro’s Zero Day Initiative CoreText Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: A remote attacker may be able to cause arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1792: Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro’s Zero Day Initiative Crash Reporter Available for: macOS Catalina 10.15.7 Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2021-1761: Cees Elzinga Crash Reporter Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: A local attacker may be able to elevate their privileges Description: Multiple issues were addressed with improved logic. CVE-2021-1787: James Hutchins Crash Reporter Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: A local user may be able to create or modify system files Description: A logic issue was addressed with improved state management. CVE-2021-1786: Csaba Fitzl (@theevilbit) of Offensive Security Directory Utility Available for: macOS Catalina 10.15.7 Impact: A malicious application may be able to access private information Description: A logic issue was addressed with improved state management. CVE-2020-27937: Wojciech Reguła (@_r3ggi) of SecuRing Endpoint Security Available for: macOS Catalina 10.15.7 Impact: A local attacker may be able to elevate their privileges Description: A logic issue was addressed with improved state management. CVE-2021-1802: Zhongcheng Li (@CK01) from WPS Security Response Center FairPlay Available for: macOS Big Sur 11.0.1 Impact: A malicious application may be able to disclose kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. CVE-2021-1791: Junzhi Lu (@pwn0rz), Qi Sun & Mickey Jin of Trend Micro working with Trend Micro’s Zero Day Initiative FontParser Available for: macOS Catalina 10.15.7 Impact: Processing a maliciously crafted font may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1790: Peter Nguyen Vu Hoang of STAR Labs FontParser Available for: macOS Mojave 10.14.6 Impact: Processing a maliciously crafted font may lead to arbitrary code execution Description: This issue was addressed by removing the vulnerable code. CVE-2021-1775: Mickey Jin and Qi Sun of Trend Micro FontParser Available for: macOS Mojave 10.14.6 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-29608: Xingwei Lin of Ant Security Light-Year Lab FontParser Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7 Impact: A remote attacker may be able to cause arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1758: Peter Nguyen of STAR Labs ImageIO Available for: macOS Big Sur 11.0.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An access issue was addressed with improved memory management. CVE-2021-1783: Xingwei Lin of Ant Security Light-Year Lab ImageIO Available for: macOS Big Sur 11.0.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1741: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1743: Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro’s Zero Day Initiative, Xingwei Lin of Ant Security Light- Year Lab ImageIO Available for: macOS Big Sur 11.0.1 Impact: Processing a maliciously crafted image may lead to a denial of service Description: A logic issue was addressed with improved state management. CVE-2021-1773: Xingwei Lin of Ant Security Light-Year Lab ImageIO Available for: macOS Big Sur 11.0.1 Impact: Processing a maliciously crafted image may lead to a denial of service Description: An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking. CVE-2021-1778: Xingwei Lin of Ant Security Light-Year Lab ImageIO Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1736: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1785: Xingwei Lin of Ant Security Light-Year Lab ImageIO Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted image may lead to a denial of service Description: This issue was addressed with improved checks. CVE-2021-1766: Danny Rosseau of Carve Systems ImageIO Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2021-1818: Xingwei Lin from Ant-Financial Light-Year Security Lab ImageIO Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-1742: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1746: Mickey Jin & Qi Sun of Trend Micro, Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1754: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1774: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1777: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1793: Xingwei Lin of Ant Security Light-Year Lab ImageIO Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-1737: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1738: Lei Sun CVE-2021-1744: Xingwei Lin of Ant Security Light-Year Lab IOKit Available for: macOS Big Sur 11.0.1 Impact: An application may be able to execute arbitrary code with system privileges Description: A logic error in kext loading was addressed with improved state handling. CVE-2021-1779: Csaba Fitzl (@theevilbit) of Offensive Security IOSkywalkFamily Available for: macOS Big Sur 11.0.1 Impact: A local attacker may be able to elevate their privileges Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1757: Pan ZhenPeng (@Peterpan0927) of Alibaba Security, Proteas Kernel Available for: macOS Catalina 10.15.7 and macOS Mojave 10.14.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab Kernel Available for: macOS Big Sur 11.0.1 Impact: A remote attacker may be able to cause a denial of service Description: A use after free issue was addressed with improved memory management. CVE-2021-1764: @m00nbsd Kernel Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited. Description: A race condition was addressed with improved locking. CVE-2021-1782: an anonymous researcher Kernel Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple issues were addressed with improved logic. CVE-2021-1750: @0xalsr Login Window Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: An attacker in a privileged network position may be able to bypass authentication policy Description: An authentication issue was addressed with improved state management. CVE-2020-29633: Jewel Lambert of Original Spin, LLC. Messages Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: A user that is removed from an iMessage group could rejoin the group Description: This issue was addressed with improved checks. CVE-2021-1771: Shreyas Ranganatha (@strawsnoceans) Model I/O Available for: macOS Big Sur 11.0.1 Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-1762: Mickey Jin of Trend Micro Model I/O Available for: macOS Catalina 10.15.7 Impact: Processing a maliciously crafted file may lead to heap corruption Description: This issue was addressed with improved checks. CVE-2020-29614: ZhiWei Sun (@5n1p3r0010) from Topsec Alpha Lab Model I/O Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-1763: Mickey Jin of Trend Micro working with Trend Micro’s Zero Day Initiative Model I/O Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted image may lead to heap corruption Description: This issue was addressed with improved checks. CVE-2021-1767: Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro’s Zero Day Initiative Model I/O Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1745: Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro’s Zero Day Initiative Model I/O Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1753: Mickey Jin of Trend Micro working with Trend Micro’s Zero Day Initiative Model I/O Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1768: Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro’s Zero Day Initiative NetFSFramework Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2021-1751: Mikko Kenttälä (@Turmio_) of SensorFu OpenLDAP Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6 Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-25709 Power Management Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7 Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management. CVE-2020-27938: Tim Michaud (@TimGMichaud) of Leviathan Screen Sharing Available for: macOS Big Sur 11.0.1 Impact: Multiple issues in pcre Description: Multiple issues were addressed by updating to version 8.44. CVE-2019-20838 CVE-2020-14155 SQLite Available for: macOS Catalina 10.15.7 Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating SQLite to version 3.32.3. CVE-2020-15358 Swift Available for: macOS Big Sur 11.0.1 Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A logic issue was addressed with improved validation. CVE-2021-1769: CodeColorist of Ant-Financial Light-Year Labs WebKit Available for: macOS Big Sur 11.0.1 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-1788: Francisco Alonso (@revskills) WebKit Available for: macOS Big Sur 11.0.1 Impact: Maliciously crafted web content may violate iframe sandboxing policy Description: This issue was addressed with improved iframe sandbox enforcement. CVE-2021-1765: Eliya Stein of Confiant CVE-2021-1801: Eliya Stein of Confiant WebKit Available for: macOS Big Sur 11.0.1 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved state handling. CVE-2021-1789: @S0rryMybad of 360 Vulcan Team WebKit Available for: macOS Big Sur 11.0.1 Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A logic issue was addressed with improved restrictions. CVE-2021-1871: an anonymous researcher CVE-2021-1870: an anonymous researcher WebRTC Available for: macOS Big Sur 11.0.1 Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A port redirection issue was addressed with additional port validation. CVE-2021-1799: Gregory Vishnepolsky & Ben Seri of Armis Security, and Samy Kamkar Additional recognition Kernel We would like to acknowledge Junzhi Lu (@pwn0rz), Mickey Jin & Jesse Change of Trend Micro for their assistance. libpthread We would like to acknowledge CodeColorist of Ant-Financial Light-Year Labs for their assistance. Login Window We would like to acknowledge Jose Moises Romero-Villanueva of CrySolve for their assistance. Mail Drafts We would like to acknowledge Jon Bottarini of HackerOne for their assistance. Screen Sharing Server We would like to acknowledge @gorelics for their assistance. WebRTC We would like to acknowledge Philipp Hancke for their assistance. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmAYgrkACgkQZcsbuWJ6 jjATvhAAmcspGY8ZHJcSUGr9mysz5iT9oGkZcvFa8kcJsFAvFb9Wjz0M2eovBXQc D9bD7LrUpodiqkSobB4bEevpD9P8E/T/eRSBxjomKLv5DKHPT4eh/K2EU6R6ubVi GGNlT9DJrIxcTJIB2y/yfs8msV2w2/gZDLKJZP4Zh6t8G1sjI17iEaxpOph67aq2 X0d+P7+7q1mUBa47JEQ+HIUNlfHtBL825cnmHD2Vn1WELQLKZfXBl+nPM9l9naRc 3vYIvR7xJ5c4bqFx7N9xwGdQ5TRIoDijqADwggGwOZEiVZ7PWifj/iCLUz4Ks4hr oGVE1UxN1oSX63D44ZQyfiyIWIiMtDV9V4J6mUoUnZ6RTTMoRRAF9DcSVF5/wmHk odYnMeouHc543ZyVBtdtwJ/tbuBvTOjzpNn0+UgiyRL9wG/xxQq+gB4vwgSEviek bBhyvdxLVWW0ULwFeN5rI5bCQBkv6BB9OSyhD6sMRrp59NAgBBS2nstZG1RAt7XL 2KZ1GpoNcuDRLj7ElxAfeJuPM1dFVTK48SH56M1FElz/QowZVOXyKgUoaeVTUyAC 3WOACmFAosFIclCbr8z8yGynX2bsCGBNKv4pKoHlyZCyFHCQw9L6uR2gRkOp86+M iqHtE2L1WUZvUMCIKxfdixILEfoacSVCxr3+v4SSDOcEbSDYEIA= =mUkG -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-26 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: SQLite: Multiple vulnerabilities Date: July 27, 2020 Bugs: #716748 ID: 202007-26 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code. Background ========= SQLite is a C library that implements an SQL database engine. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/sqlite < 3.32.3 >= 3.32.3 Description ========== Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All SQLite users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">\xdev-db/sqlite-3.32.3" References ========= [ 1 ] CVE-2019-20218 https://nvd.nist.gov/vuln/detail/CVE-2019-20218 [ 2 ] CVE-2020-11655 https://nvd.nist.gov/vuln/detail/CVE-2020-11655 [ 3 ] CVE-2020-11656 https://nvd.nist.gov/vuln/detail/CVE-2020-11656 [ 4 ] CVE-2020-13434 https://nvd.nist.gov/vuln/detail/CVE-2020-13434 [ 5 ] CVE-2020-13435 https://nvd.nist.gov/vuln/detail/CVE-2020-13435 [ 6 ] CVE-2020-13630 https://nvd.nist.gov/vuln/detail/CVE-2020-13630 [ 7 ] CVE-2020-13631 https://nvd.nist.gov/vuln/detail/CVE-2020-13631 [ 8 ] CVE-2020-13632 https://nvd.nist.gov/vuln/detail/CVE-2020-13632 [ 9 ] CVE-2020-13871 https://nvd.nist.gov/vuln/detail/CVE-2020-13871 [ 10 ] CVE-2020-15358 https://nvd.nist.gov/vuln/detail/CVE-2020-15358 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202007-26 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Security Fix(es): * golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558) * golang: net: lookup functions may return invalid host names (CVE-2021-33195) * golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197) * golang: match/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198) * golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader (CVE-2021-27918) * golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525) * golang: archive/zip: malformed archive may cause panic or memory exhaustion (CVE-2021-33196) It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless client kn 1.16.0. This has been fixed (CVE-2021-3703). Bugs fixed (https://bugzilla.redhat.com/): 1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic 1983651 - Release of OpenShift Serverless Serving 1.17.0 1983654 - Release of OpenShift Serverless Eventing 1.17.0 1989564 - CVE-2021-33195 golang: net: lookup functions may return invalid host names 1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty 1989575 - CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents 1992955 - CVE-2021-3703 serverless: incomplete fix for CVE-2021-27918 / CVE-2021-31525 / CVE-2021-33196 5

Trust: 2.43

sources: NVD: CVE-2020-15358 // JVNDB: JVNDB-2020-007164 // VULHUB: VHN-168328 // PACKETSTORM: 168011 // PACKETSTORM: 163789 // PACKETSTORM: 163209 // PACKETSTORM: 163257 // PACKETSTORM: 163496 // PACKETSTORM: 161245 // PACKETSTORM: 158592 // PACKETSTORM: 164192

AFFECTED PRODUCTS

vendor:oraclemodel:communications messaging serverscope:eqversion:8.1

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.0.1

Trust: 1.0

vendor:siemensmodel:sinec infrastructure network servicesscope:ltversion:1.0.1.1

Trust: 1.0

vendor:sqlitemodel:sqlitescope:ltversion:3.32.3

Trust: 1.0

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.4.0.0

Trust: 1.0

vendor:oraclemodel:hyperion infrastructure technologyscope:eqversion:11.1.2.4

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:20.04

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:14.0

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:7.0

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:14.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core policyscope:eqversion:1.14.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.0

Trust: 1.0

vendor:oraclemodel:communications network charging and controlscope:eqversion:12.0.2

Trust: 1.0

vendor:oraclemodel:outside in technologyscope:eqversion:8.5.4

Trust: 1.0

vendor:oraclemodel:mysqlscope:lteversion:8.0.22

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.21

Trust: 1.0

vendor:oraclemodel:communications network charging and controlscope:eqversion:6.0.1

Trust: 1.0

vendor:oraclemodel:outside in technologyscope:eqversion:8.5.5

Trust: 1.0

vendor:sqlitemodel:sqlitescope:eqversion:3.32.3

Trust: 0.8

sources: JVNDB: JVNDB-2020-007164 // NVD: CVE-2020-15358

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-15358
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-007164
value: MEDIUM

Trust: 0.8

VULHUB: VHN-168328
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-15358
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-007164
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-168328
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-15358
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-007164
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-168328 // JVNDB: JVNDB-2020-007164 // NVD: CVE-2020-15358

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.9

sources: VULHUB: VHN-168328 // JVNDB: JVNDB-2020-007164 // NVD: CVE-2020-15358

THREAT TYPE

remote

Trust: 0.1

sources: PACKETSTORM: 168011

TYPE

xss

Trust: 0.1

sources: PACKETSTORM: 163209

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-007164

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-168328

PATCH

title:Fix a defect in the query-flattener optimization identified by ticketurl:https://www.sqlite.org/src/info/10fa79d00f8091e5

Trust: 0.8

title:23 ancestors of version-3.32.3 back to version-3.32.2url:https://www.sqlite.org/src/timeline?p=version-3.32.3&bt=version-3.32.2

Trust: 0.8

title:Heap Buffer Overflow in multiSelectOrderByurl:https://www.sqlite.org/src/tktview?name=8f157e8010

Trust: 0.8

sources: JVNDB: JVNDB-2020-007164

EXTERNAL IDS

db:NVDid:CVE-2020-15358

Trust: 2.7

db:SIEMENSid:SSA-389290

Trust: 1.1

db:JVNDBid:JVNDB-2020-007164

Trust: 0.8

db:PACKETSTORMid:161245

Trust: 0.2

db:PACKETSTORMid:163257

Trust: 0.2

db:PACKETSTORMid:163496

Trust: 0.2

db:PACKETSTORMid:158592

Trust: 0.2

db:PACKETSTORMid:163209

Trust: 0.2

db:PACKETSTORMid:160061

Trust: 0.1

db:PACKETSTORMid:163267

Trust: 0.1

db:PACKETSTORMid:160062

Trust: 0.1

db:PACKETSTORMid:160545

Trust: 0.1

db:PACKETSTORMid:160064

Trust: 0.1

db:PACKETSTORMid:163276

Trust: 0.1

db:PACKETSTORMid:163188

Trust: 0.1

db:PACKETSTORMid:158623

Trust: 0.1

db:PACKETSTORMid:162628

Trust: 0.1

db:CNNVDid:CNNVD-202006-1768

Trust: 0.1

db:VULHUBid:VHN-168328

Trust: 0.1

db:PACKETSTORMid:168011

Trust: 0.1

db:PACKETSTORMid:163789

Trust: 0.1

db:PACKETSTORMid:164192

Trust: 0.1

sources: VULHUB: VHN-168328 // PACKETSTORM: 168011 // PACKETSTORM: 163789 // PACKETSTORM: 163209 // PACKETSTORM: 163257 // PACKETSTORM: 163496 // PACKETSTORM: 161245 // PACKETSTORM: 158592 // PACKETSTORM: 164192 // JVNDB: JVNDB-2020-007164 // NVD: CVE-2020-15358

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-15358

Trust: 1.4

url:https://security.gentoo.org/glsa/202007-26

Trust: 1.2

url:https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20200709-0001/

Trust: 1.1

url:https://support.apple.com/kb/ht211843

Trust: 1.1

url:https://support.apple.com/kb/ht211844

Trust: 1.1

url:https://support.apple.com/kb/ht211847

Trust: 1.1

url:https://support.apple.com/kb/ht211850

Trust: 1.1

url:https://support.apple.com/kb/ht211931

Trust: 1.1

url:https://support.apple.com/kb/ht212147

Trust: 1.1

url:http://seclists.org/fulldisclosure/2020/nov/20

Trust: 1.1

url:http://seclists.org/fulldisclosure/2020/nov/19

Trust: 1.1

url:http://seclists.org/fulldisclosure/2020/nov/22

Trust: 1.1

url:http://seclists.org/fulldisclosure/2020/dec/32

Trust: 1.1

url:http://seclists.org/fulldisclosure/2021/feb/14

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuapr2021.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpujan2021.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuoct2020.html

Trust: 1.1

url:https://www.sqlite.org/src/info/10fa79d00f8091e5

Trust: 1.1

url:https://www.sqlite.org/src/tktview?name=8f157e8010

Trust: 1.1

url:https://usn.ubuntu.com/4438-1/

Trust: 1.1

url:https://www.sqlite.org/src/timeline?p=version-3.32.3&bt=version-3.32.2

Trust: 1.0

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-15358

Trust: 0.8

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2017-14502

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2016-10228

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-27618

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2016-10228

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-3326

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2017-14502

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-15358

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-29361

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-9169

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-29362

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-8927

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-25013

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-13434

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-25013

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-29363

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-13434

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-8286

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-28196

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-8231

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-8285

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-9169

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-2708

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-2708

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-8284

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-20305

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-27618

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-8231

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-28196

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-29362

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-29363

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-29361

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-3518

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3541

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3520

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3537

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3517

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3516

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-27219

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-13776

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-3842

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13776

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24977

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-24977

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3449

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3450

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-3842

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-8284

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-8285

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-8286

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-8927

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-3326

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-27218

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23240

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-13543

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9951

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23239

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36242

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9948

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-13012

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26116

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-13584

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26137

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13543

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13584

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25659

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-27619

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20271

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9983

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3177

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23336

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-13012

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-27219

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20305

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-27918

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-31525

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-31525

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-27918

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-33196

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-33196

Trust: 0.2

url:https://www.sqlite.org/src/timeline?p=version-3.32.3&amp;bt=version-3.32.2

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3867

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9805

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3899

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30761

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8823

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1000858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3900

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33938

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8782

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8771

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9952

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8846

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24407

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9915

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8783

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8813

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9806

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3885

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9802

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8764

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22946

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8769

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1000858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10018

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9895

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8811

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8819

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3862

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13050

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3868

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3895

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3865

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33930

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14391

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3864

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9862

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33929

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8835

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14889

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8816

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3897

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8808

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13627

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20454

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22947

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8766

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11793

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9803

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3521

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9850

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30666

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33928

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30631

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8820

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9893

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14889

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1730

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8844

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3902

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5924

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8814

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8812

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8815

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20454

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3901

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30762

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13050

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13627

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0778

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15503

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8720

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25039

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14347

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25712

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12364

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25037

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25037

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33909

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-32399

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28935

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25034

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25035

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25038

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14345

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14360

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3560

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25042

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20201

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25042

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25038

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25041

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3119

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25217

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25215

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14344

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25035

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14345

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14344

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14361

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3114

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28211

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25039

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12364

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25041

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33910

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25034

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-26116

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2479

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3139

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-26137

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27619

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25659

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36242

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27783

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27783

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3528

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25678

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25678

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-25736

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3450

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2130

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/windows_containers/window

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25736

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3449

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2705

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1742

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1757

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1753

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1751

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27945

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1744

Trust: 0.1

url:https://support.apple.com/ht212147.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29633

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1737

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1736

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1738

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1754

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27904

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25709

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29608

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1745

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27938

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1743

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1758

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27937

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29614

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1750

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1746

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1747

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1741

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11655

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11656

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13871

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13631

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13630

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20218

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13632

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-33195

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27218

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-33197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33195

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-33198

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33198

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-34558

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3556

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33197

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3421

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3703

Trust: 0.1

sources: VULHUB: VHN-168328 // PACKETSTORM: 168011 // PACKETSTORM: 163789 // PACKETSTORM: 163209 // PACKETSTORM: 163257 // PACKETSTORM: 163496 // PACKETSTORM: 161245 // PACKETSTORM: 158592 // PACKETSTORM: 164192 // JVNDB: JVNDB-2020-007164 // NVD: CVE-2020-15358

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 168011 // PACKETSTORM: 163789 // PACKETSTORM: 163209 // PACKETSTORM: 163257 // PACKETSTORM: 163496 // PACKETSTORM: 164192

SOURCES

db:VULHUBid:VHN-168328
db:PACKETSTORMid:168011
db:PACKETSTORMid:163789
db:PACKETSTORMid:163209
db:PACKETSTORMid:163257
db:PACKETSTORMid:163496
db:PACKETSTORMid:161245
db:PACKETSTORMid:158592
db:PACKETSTORMid:164192
db:JVNDBid:JVNDB-2020-007164
db:NVDid:CVE-2020-15358

LAST UPDATE DATE

2026-07-04T21:12:15.315000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-168328date:2022-05-12T00:00:00
db:JVNDBid:JVNDB-2020-007164date:2020-08-04T00:00:00
db:NVDid:CVE-2020-15358date:2026-06-17T02:56:33.303

SOURCES RELEASE DATE

db:VULHUBid:VHN-168328date:2020-06-27T00:00:00
db:PACKETSTORMid:168011date:2022-08-09T14:36:05
db:PACKETSTORMid:163789date:2021-08-11T16:15:17
db:PACKETSTORMid:163209date:2021-06-17T18:34:10
db:PACKETSTORMid:163257date:2021-06-23T15:44:15
db:PACKETSTORMid:163496date:2021-07-14T15:02:07
db:PACKETSTORMid:161245date:2021-02-02T16:06:51
db:PACKETSTORMid:158592date:2020-07-27T18:32:44
db:PACKETSTORMid:164192date:2021-09-17T16:04:56
db:JVNDBid:JVNDB-2020-007164date:2020-08-04T00:00:00
db:NVDid:CVE-2020-15358date:2020-06-27T12:15:11.187