Details of VAR-201810-0932

ID

VAR-201810-0932

CVE

CVE-2018-0734

TITLE

OpenSSL DSA Vulnerabilities related to key management errors in signature algorithms

Trust: 0.8

sources: JVNDB: JVNDB-2018-014031

DESCRIPTION

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. For the stable distribution (stretch), these problems have been fixed in version 1.1.0j-1~deb9u1. Going forward, openssl security updates for stretch will be based on the 1.1.0x upstream releases. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwBuAcACgkQEMKTtsN8 TjZbBw/+MOB5+pZbCHHXyH3IeD+yj+tSPvmNc3SCwdEtUxGXr0ZX7TKHfaLs/8s6 Udto0K8a1FvjrcUQCfhnFpNcSAv9pxX13Fr6Pd560miIfAu9/5jAqiCufCoiz+xj 45LNJGlaxxaFjgBGCitZSJA0Fc4SM6v5XFyJfR3kChdQ/3kGQbbMNAp16Fy3ZsxJ VXwviomUxmmmdvjxyhifTIpuwr9OiJSQ+13etQjTDQ3pzSbLBPSOxmpV0vPIC7I2 Dwa4zuQXA/DF4G6l8T4rXCwCN4e4pwbTc8bbCjXeZK+iVAhnRD6wXlS3cc5IVAzx /qTa89LZU8B6ylcB6nodeAHLuZTC3Le8ndoxYz5S2/jHZMM/jCQNHYJemHWNbOqn q+e5W0D1fIVLiLoL/iHW5XhN6yJY2Ma7zjXMRBnkzJA9CTNIKgUjrSFz0Ud+wIM/ u8QhNPwZ0hPd5IfSgIyWqmuQ5XzFYqAQvwT1gUJiK7tIvuT0VsSyKVaSZVbi4yrM 9sxkZaP1UNLcTVCFw6A0KFwhb9z6kQtyH1MRkFPphmnb8jlHA3cTdPJkFUBi3VaT 7izThm5/mVLbAjZ8X7nkqnzWzmc885j0ml3slDd/MOVWB5CD3vFAcI8k3VZr3A61 P2gNSN6UbAbLMGsxgs3hYUHgazi7MdXJ/aNavjGSbYBNL780Iaw=3Qji -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security and bug fix update Advisory ID: RHSA-2019:2304-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2304 Issue date: 2019-08-06 CVE Names: CVE-2018-0734 CVE-2019-1559 ==================================================================== 1. Summary: An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm ppc64: openssl-1.0.2k-19.el7.ppc64.rpm openssl-debuginfo-1.0.2k-19.el7.ppc.rpm openssl-debuginfo-1.0.2k-19.el7.ppc64.rpm openssl-devel-1.0.2k-19.el7.ppc.rpm openssl-devel-1.0.2k-19.el7.ppc64.rpm openssl-libs-1.0.2k-19.el7.ppc.rpm openssl-libs-1.0.2k-19.el7.ppc64.rpm ppc64le: openssl-1.0.2k-19.el7.ppc64le.rpm openssl-debuginfo-1.0.2k-19.el7.ppc64le.rpm openssl-devel-1.0.2k-19.el7.ppc64le.rpm openssl-libs-1.0.2k-19.el7.ppc64le.rpm s390x: openssl-1.0.2k-19.el7.s390x.rpm openssl-debuginfo-1.0.2k-19.el7.s390.rpm openssl-debuginfo-1.0.2k-19.el7.s390x.rpm openssl-devel-1.0.2k-19.el7.s390.rpm openssl-devel-1.0.2k-19.el7.s390x.rpm openssl-libs-1.0.2k-19.el7.s390.rpm openssl-libs-1.0.2k-19.el7.s390x.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: openssl-debuginfo-1.0.2k-19.el7.ppc.rpm openssl-debuginfo-1.0.2k-19.el7.ppc64.rpm openssl-perl-1.0.2k-19.el7.ppc64.rpm openssl-static-1.0.2k-19.el7.ppc.rpm openssl-static-1.0.2k-19.el7.ppc64.rpm ppc64le: openssl-debuginfo-1.0.2k-19.el7.ppc64le.rpm openssl-perl-1.0.2k-19.el7.ppc64le.rpm openssl-static-1.0.2k-19.el7.ppc64le.rpm s390x: openssl-debuginfo-1.0.2k-19.el7.s390.rpm openssl-debuginfo-1.0.2k-19.el7.s390x.rpm openssl-perl-1.0.2k-19.el7.s390x.rpm openssl-static-1.0.2k-19.el7.s390.rpm openssl-static-1.0.2k-19.el7.s390x.rpm x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-0734 https://access.redhat.com/security/cve/CVE-2019-1559 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXUl3otzjgjWX9erEAQgZQQ//XNcjRJGLVmjAzbVGiwxEqfFUvDVNiu97 fW0vLXuV9TnQTveOVqOAWmmMv2iShkVIRPDvzlOfUsYrrDEYHKr0N38R/fhDEZsM WQrJh54WK9IjEGNevLTCePKMhVuII1WnHrLDwZ6hxYGdcap/sJrf+N428b5LvHbM B39vWl3vqJYXoiI5dmIYL8ko2SfLms5Cg+dR0hLrNohf9gK2La+jhWb/j2xw6X6q /LXw5+hi/G+USbnNFfjt9G0fNjMMZRX2bukUvY6UWJRYTOXpIUOFqqp5w9zgM7tZ uX7TMTC9xe6te4mBCAFDdt+kYYLYSHfSkFlFq+S7V0MY8DmnIzqBJE4lJIDTVp9F JbrMIPs9G5jdnzPUKZw/gH9WLgka8Q8AYI+KA2xSxFX9VZ20Z+EDDC9/4uwj3i0A gLeIB68OwD70jn4sjuQqizr7TCviQhTUoKVd/mTBAxSEFZLcE8Sy/BEYxLPm81z0 veL16l6pmfg9uLac4V576ImfYNWlBEnJspA5E9K5CqQRPuZpCQFov7/D17Qm8v/x IcVKUaXiGquBwzHmIsD5lTCpl7CrGoU1PfNJ6Y/4xrVFOh1DLA4y6nnfysyO9eZx zBfuYS2VmfIq/tp1CjagI/DmJC4ezXeE4Phq9jm0EBASXtnLzVmc5j7kkqWjCcfm BtpJTAdr1kE=7kKR -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. After installing the updated packages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/): 1568253 - CVE-2018-0737 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys 1644364 - CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm 1645695 - CVE-2018-5407 openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) 1668493 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time 1668497 - CVE-2018-17189 httpd: mod_http2: DoS via slow, unneeded request bodies 1695020 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition 1695030 - CVE-2019-0196 httpd: mod_http2: read-after-free on a string compare 1695042 - CVE-2019-0197 httpd: mod_http2: possible crash on late upgrade 1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption 1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service 1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service 1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service 6. 8) - aarch64, ppc64le, s390x, x86_64 3. The following packages have been upgraded to a later upstream version: openssl (1.1.1c). ========================================================================== Ubuntu Security Notice USN-3840-1 December 06, 2018 openssl, openssl1.0 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in OpenSSL. (CVE-2018-0734) Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735) Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as "PortSmash". (CVE-2018-5407) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libssl1.0.0 1.0.2n-1ubuntu6.1 libssl1.1 1.1.1-1ubuntu2.1 Ubuntu 18.04 LTS: libssl1.0.0 1.0.2n-1ubuntu5.2 libssl1.1 1.1.0g-2ubuntu4.3 Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.14 Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.27 After a standard system update you need to reboot your computer to make all the necessary changes

Trust: 2.7

sources: NVD: CVE-2018-0734 // JVNDB: JVNDB-2018-014031 // BID: 105758 // VULHUB: VHN-118936 // VULMON: CVE-2018-0734 // PACKETSTORM: 155417 // PACKETSTORM: 150860 // PACKETSTORM: 150561 // PACKETSTORM: 153932 // PACKETSTORM: 155416 // PACKETSTORM: 155160 // PACKETSTORM: 150683

AFFECTED PRODUCTS

vendor:	openssl	model:	openssl	scope:	eq	version:	1.1.1	Trust: 1.8
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	13.2.0.0.0	Trust: 1.3
vendor:	oracle	model:	api gateway	scope:	eq	version:	11.1.2.4.0	Trust: 1.3
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	12.1.0.5.0	Trust: 1.3
vendor:	oracle	model:	enterprise manager ops center	scope:	eq	version:	12.3.3	Trust: 1.3
vendor:	oracle	model:	peoplesoft enterprise peopletools	scope:	eq	version:	8.56	Trust: 1.3
vendor:	oracle	model:	peoplesoft enterprise peopletools	scope:	eq	version:	8.55	Trust: 1.3
vendor:	oracle	model:	peoplesoft enterprise peopletools	scope:	eq	version:	8.57	Trust: 1.3
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	13.3.0.0.0	Trust: 1.3
vendor:	oracle	model:	tuxedo	scope:	eq	version:	12.1.1.0.0	Trust: 1.3
vendor:	openssl	model:	openssl	scope:	lte	version:	1.0.2p	Trust: 1.0
vendor:	oracle	model:	mysql enterprise backup	scope:	lte	version:	3.12.3	Trust: 1.0
vendor:	netapp	model:	storage automation store	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	mysql enterprise backup	scope:	lte	version:	4.1.2	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	8.9.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	8.0.0	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	eq	version:	15.1	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	10.0.0	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	lte	version:	17.12	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	eq	version:	16.1	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lte	version:	8.8.1	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lt	version:	8.14.0	Trust: 1.0
vendor:	oracle	model:	mysql enterprise backup	scope:	gte	version:	4.0	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	eq	version:	8.4	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	netapp	model:	snapcenter	scope:	eq	version:	-	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	oracle	model:	e-business suite technology stack	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lt	version:	6.15.0	Trust: 1.0
vendor:	netapp	model:	steelstore	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	eq	version:	15.2	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	cn1610	scope:	eq	version:	-	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	11.0.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	lte	version:	1.1.0i	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	eq	version:	16.2	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	gte	version:	17.7	Trust: 1.0
vendor:	oracle	model:	primavera p6 professional project management	scope:	eq	version:	18.8	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lte	version:	6.8.1	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	gte	version:	1.0.2	Trust: 1.0
vendor:	netapp	model:	santricity smi-s provider	scope:	eq	version:	-	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	6.9.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	oracle	model:	e-business suite technology stack	scope:	eq	version:	0.9.8	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	eq	version:	10.13.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lte	version:	10.12.0	Trust: 1.0
vendor:	oracle	model:	e-business suite technology stack	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.10	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	gte	version:	1.1.0	Trust: 1.0
vendor:	netapp	model:	oncommand unified manager	scope:	eq	version:	*	Trust: 1.0
vendor:	oracle	model:	mysql enterprise backup	scope:	gte	version:	3.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lt	version:	11.3.0	Trust: 1.0
vendor:	canonical	model:	ubuntu	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	cn1610	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	cloud backup	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	oncommand unified manager core package	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	santricity smi-s provider	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	steelstore cloud integrated storage	scope:	-	version:	-	Trust: 0.8
vendor:	node js	model:	node.js	scope:	-	version:	-	Trust: 0.8
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.2 to 1.0.2p	Trust: 0.8
vendor:	openssl	model:	openssl	scope:	eq	version:	1.1.0 to 1.1.0i	Trust: 0.8
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.20	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.34	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.2.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.22	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	8.0.13	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2i	scope:	-	version:	-	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0f	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.50	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	ne	version:	5.2.24	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.16	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2g	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	15.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.22	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.14	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.26	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.8	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.5.6	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	8.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.29	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.11	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.10	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.20	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.3	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.23	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.5.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	1.6	Trust: 0.3
vendor:	openssl	model:	project openssl	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.20	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.2	Trust: 0.3
vendor:	oracle	model:	solaris	scope:	eq	version:	10	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.21	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.6	Trust: 0.3
vendor:	oracle	model:	mysql enterprise backup	scope:	eq	version:	3.10.1	Trust: 0.3
vendor:	oracle	model:	endeca server	scope:	eq	version:	7.7.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.12	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.32	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.24	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.22	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	ne	version:	6.0	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	17.12	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.19	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.28	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.12	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3.5	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.2	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.0	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2q	scope:	ne	version:	-	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.9.2	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.1	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	5.2.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	1.6.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.0.12	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.5.4	Trust: 0.3
vendor:	ibm	model:	aix	scope:	eq	version:	7.2	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.20	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.14	Trust: 0.3
vendor:	oracle	model:	e-business suite	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.2	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.5.3	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.20	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	5.2.3	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0a	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.14	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	17.7	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.9.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.1.4	Trust: 0.3
vendor:	openssl	model:	project openssl beta1	scope:	eq	version:	1.0.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.36	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0d	scope:	-	version:	-	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	4.4.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.16	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.44	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.11	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.30	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2q-dev	scope:	ne	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.26	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.19	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.24	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.41	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.16	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.4	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0b	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.4	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0g	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.6	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.13	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	5.2.7	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.23	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.34	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2h	scope:	-	version:	-	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.2.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.1.0	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.18	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	1.6.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.1.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.18	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.12	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.17	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.18	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2p	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.33	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.14	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2l-git	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.10	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.43	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.0.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.18	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.0	Trust: 0.3
vendor:	oracle	model:	mysql enterprise backup	scope:	eq	version:	3.12.3	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0i	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.16	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.21	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.26	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.14	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.35	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.36	Trust: 0.3
vendor:	oracle	model:	e-business suite	scope:	eq	version:	0.9.8	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2a	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	solaris	scope:	eq	version:	11.3	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2f	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.22	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.30	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.9	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.19	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0c	scope:	-	version:	-	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.4	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.6.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.9	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.6	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.15	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	5.0.223205	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.25	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.16	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.15	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2p-dev	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.34	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.23	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.24	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.12	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.4	Trust: 0.3
vendor:	openssl	model:	project openssl	scope:	eq	version:	1.0.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.27	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.22	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.20	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2d	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.14	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.6	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.9	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.2	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.6.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.26	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.8	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	8.4	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.36	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	15.2	Trust: 0.3
vendor:	oracle	model:	mysql enterprise backup	scope:	eq	version:	3.10	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	ibm	model:	aix	scope:	eq	version:	6.1	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2k	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.0	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3.7	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	8.0.12	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0j-dev	scope:	ne	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.8	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.31	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.19	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.30	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.27	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2m	scope:	-	version:	-	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.37	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.10	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.16	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.1.8	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.5	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2e	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.14	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.1.0	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	8.0.11	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.0.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.18	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.36	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3.3	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.38	Trust: 0.3
vendor:	ibm	model:	aix	scope:	eq	version:	5.3	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.10	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.42	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.20	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.32	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.10	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.28	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0e	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.24	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.3	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.29	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2n	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.0	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	16.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.13	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.0	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2o	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.34	Trust: 0.3
vendor:	oracle	model:	mysql enterprise backup	scope:	eq	version:	3.12.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.2	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.24	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2j	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.26	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.4	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.4.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.18	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.2	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.34	Trust: 0.3
vendor:	openssl	model:	project openssl	scope:	eq	version:	1.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	1.6.4	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0h	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.32	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.1	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.12	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.4.1	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.1	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.24	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	8.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.35	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.0.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.30	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.35	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.20	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.7	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.40	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2l	scope:	-	version:	-	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.34	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.32	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.38	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.35	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.21	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.22	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.1a-dev	scope:	ne	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.12	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.1.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.1.4	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.9.3	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.12	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.38	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.9	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3.2	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.4.0	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.5.1	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.23	Trust: 0.3
vendor:	oracle	model:	mysql enterprise backup	scope:	eq	version:	4.1.2	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	7.2.2	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.30	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.12	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.22	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	1.6.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.16	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.20	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.10	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.18	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.10	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.14	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.10	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.39	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	18.8	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.16	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.0.14	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.2.10	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2-1.0.2o	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	primavera p6 enterprise project portfolio management	scope:	eq	version:	16.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.0	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.16	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.8	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.3.6	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.18	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.16	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2c	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.1.24	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.5	Trust: 0.3
vendor:	ibm	model:	aix	scope:	eq	version:	7.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.28	Trust: 0.3
vendor:	oracle	model:	mysql enterprise backup	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.7	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.27	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.33	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.21	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.26	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.0.36	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	ne	version:	8.1.1	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.6.22	Trust: 0.3
vendor:	openssl	model:	project openssl 1.0.2b	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.1.42	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	3.2.25	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.4.3	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.15	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.0	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	oracle	model:	mysql server	scope:	eq	version:	5.7.17	Trust: 0.3
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.3	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.5.5	Trust: 0.3
vendor:	oracle	model:	solaris	scope:	eq	version:	11.4	Trust: 0.3
vendor:	oracle	model:	mysql enterprise backup	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	tenable	model:	nessus	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.2.35	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	oracle	model:	e-business suite	scope:	eq	version:	1.0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	2.0.10	Trust: 0.3

sources: BID: 105758 // JVNDB: JVNDB-2018-014031 // NVD: CVE-2018-0734

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0734
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-0734
value:	MEDIUM
Trust: 0.8
VULHUB:	VHN-118936
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2018-0734
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0734
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-118936
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0734
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2018-0734
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-118936 // VULMON: CVE-2018-0734 // JVNDB: JVNDB-2018-014031 // NVD: CVE-2018-0734

PROBLEMTYPE DATA

problemtype:	CWE-327	Trust: 1.1
problemtype:	CWE-320	Trust: 0.9

sources: VULHUB: VHN-118936 // JVNDB: JVNDB-2018-014031 // NVD: CVE-2018-0734

THREAT TYPE

local

Trust: 0.5

sources: BID: 105758 // PACKETSTORM: 150860 // PACKETSTORM: 150561

TYPE

Design Error

Trust: 0.3

sources: BID: 105758

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014031

PATCH

title:	DSA-4348	url:	https://www.debian.org/security/2018/dsa-4348	Trust: 0.8
title:	DSA-4355	url:	https://www.debian.org/security/2018/dsa-4355	Trust: 0.8
title:	Merge DSA reallocation timing fix CVE-2018-0734.	url:	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=43e6a58d4991a451daf4891ff05a48735df871ac	Trust: 0.8
title:	Timing vulnerability in DSA signature generation (CVE-2018-0734).(8abfe)	url:	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8abfe72e8c1de1b95f50aa0d9134803b4d00070f	Trust: 0.8
title:	Timing vulnerability in DSA signature generation (CVE-2018-0734).(ef11e)	url:	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ef11e19d1365eea2b1851e6f540a0bf365d303e7	Trust: 0.8
title:	NTAP-20181105-0002	url:	https://security.netapp.com/advisory/ntap-20181105-0002/	Trust: 0.8
title:	NTAP-20190118-0002	url:	https://security.netapp.com/advisory/ntap-20190118-0002/	Trust: 0.8
title:	November 2018 Security Releases	url:	https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/	Trust: 0.8
title:	Timing vulnerability in DSA signature generation (CVE-2018-0734)	url:	https://www.openssl.org/news/secadv/20181030.txt	Trust: 0.8
title:	USN-3840-1	url:	https://usn.ubuntu.com/3840-1/	Trust: 0.8
title:	Red Hat: Moderate: openssl security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192304 - Security Advisory	Trust: 0.1
title:	Red Hat: Low: openssl security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193700 - Security Advisory	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2019-1153	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1153	Trust: 0.1
title:	Ubuntu Security Notice: openssl, openssl1.0 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3840-1	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2019-1153	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1153	Trust: 0.1
title:	Red Hat: CVE-2018-0734	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-0734	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2018-0734	Trust: 0.1
title:	Debian Security Advisories: DSA-4355-1 openssl1.0 -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=7cc6b04edacd67d6e5bf27bd36f54217	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2019-1362	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1362	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201812-7] lib32-openssl-1.0: private key recovery	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201812-7	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201812-6] lib32-openssl: private key recovery	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201812-6	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201812-5] openssl: private key recovery	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201812-5	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201812-8] openssl-1.0: private key recovery	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201812-8	Trust: 0.1
title:	Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193935 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 6	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193932 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 7	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193933 - Security Advisory	Trust: 0.1
title:	Debian Security Advisories: DSA-4348-1 openssl -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=322bd50b7b929759e38c99b73122a852	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by vulnerability in OpenSSL (CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=089729287496a632fa4c42658b60b635	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=3b0880c0fe7c1c2995382c68ba0fd928	Trust: 0.1
title:	IBM: IBM Security Bulletin: OpenSSL DSA signature algorithm security vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=bf4a61aab0614bc21bae17e61513abdc	Trust: 0.1
title:	IBM: IBM Security Bulletin: A security vulnerability has been identified in OpenSSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=9f92a5713223095107b36bb14efd3013	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2018-0734, CVE-2018-5407)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=c36f1dd66164e22918d817553be91620	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=1b873a45dce8bb56ff011908a9402b67	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM QRadar Network Security is affected by openssl vulnerabilities (CVE-2019-1559, CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=7ceb7cf440b088f91358d1c597d5a414	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM Cloud Manager with OpenStack is affected by a OpenSSL vulnerabilities (CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=bcd3c8de23a34fb577cecdb0096912bf	Trust: 0.1
title:	IBM: IBM Security Bulletin: OpenSSL vunerability	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=f89f8f6307af3f9e5b1f4d0ffb1a9677	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=4f65fc12e5864fd96d0965bd485769d5	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM RackSwitch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0734)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=96f2e72442af5a4308e4a45305db78b4	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple Security Vulnerabilities in OpenSSL Affect IBM Sterling B2B Integrator (CVE-2018-0734, CVE-2018-5407)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e4ca493bfda92c5355c98328872a84e5	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM Event Streams is affected by OpenSSL vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=efdce9b94f89918f3f2b2dfc69780ccd	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2018-0734, CVE-2018-5407)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ddeebd7237369bd2318e4087834121a5	Trust: 0.1
title:	Tenable Security Advisories: [R1] Nessus 8.1.1 Fixes Multiple Third-party Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2018-16	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vulnerability affects Watson Explorer Foundational Components (CVE-2018-0732, CVE-2018-0734, CVE-2018-0737)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=4f5f12bea67642140a5af636a3850c79	Trust: 0.1
title:	IBM: IBM Security Bulletin: Security vulnerabilities identified in OpenSSL affect Rational Build Forge (CVE-2018-0734, CVE-2018-5407 and CVE-2019-1559)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e59d7f075c856823d6f7370dea35e662	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vulnerabilities in GNU OpenSSL (1.0.2 series) affect IBM Netezza Analytics	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ac5ccbde4e4ddbcabd10cacf82487a11	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for UNIX (CVE-2018-0734 and CVE-2018-5407)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=fda6d001f041b9b0a29d906059d798b4	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM DataPower Gateway is affected by vulnerabilities in OpenSSL	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=c7313d7a6ba5364a603c214269588feb	Trust: 0.1
title:	IBM: Security Bulletin: Vulnerabities in SSL in IBM DataPower Gateway	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=5fc1433ca504461e3bbb1d30e408592c	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM InfoSphere Master Data Management Standard and Advanced Editions are affected by vulnerabilities in OpenSSL (CVE-2018-0735, CVE-2018-0734, CVE-2018-5407)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=c829d56f5888779e791387897875c4b4	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vulnerability affects Watson Explorer Foundational Components (CVE-2018-0732, CVE-2018-0734, CVE-2018-0737)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=35f40c202a57607f29c0bb486da6ea8a	Trust: 0.1
title:	Tenable Security Advisories: [R1] Nessus 7.1.4 Fixes Multiple Third-party Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2018-17	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vulnerabilities in OpenSSL affect GCM16 & GCM32 KVM Switch Firmware (CVE-2018-0734, CVE-2018-0737, CVE-2018-0739)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=d3d3f316d14423d9850192f1d5f20a1b	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM InfoSphere Information Server	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=d04b79d120c8d1de061ffc3f57258fcb	Trust: 0.1
title:	IBM: IBM Security Bulletin:IBM Security Identity Adapters has released a fix in response to the OpenSSL vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=00b8bc7d11e5484e8721f3f62ec2ce87	Trust: 0.1
title:	IBM: Security Bulletin: Vulnerabilities have been identified in OpenSSL and the Kernel shipped with the DS8000 Hardware Management Console (HMC)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=423d1da688755122eb2591196e4cc160	Trust: 0.1
title:	Debian CVElist Bug Report Logs: mysql-5.7: Security fixes from the January 2019 CPU	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=996600102cb3180bfad1fcc5c68a4d77	Trust: 0.1
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2019	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=4ee609eeae78bbbd0d0c827f33a7f87f	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private – Node.js	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=2e571e7bc5566212c3e69e37ecfa5ad4	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=2bd72b857f21f300d83d07a791be44cf	Trust: 0.1
title:	Forcepoint Security Advisories: CVE-2018-0734 and CVE-2019-1559 (OpenSSL)	url:	https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=b508c983da563a8786bf80c360afb887	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=26f585287da19915b94b6cae2d1b864f	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=dce787e9d669a768893a91801bf5eea4	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been addressed in IBM Security Access Manager Appliance	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=800337bc69aa7ad92ac88a2adcc7d426	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private – fluentd	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=60de0933c28b353f38df30120aa2a908	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - January 2019	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=f655264a6935505d167bbf45f409a57b	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Releases 1801-w and 1801-y	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=bf3f2299a8658b7cd3984c40e7060666	Trust: 0.1
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2019	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=aea3fcafd82c179d3a5dfa015e920864	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Release 1801-v	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=413b5f9466c1ebf3ab090a45e189b43e	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal’s dependencies – Cumulative list from June 28, 2018 to December 13, 2018	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=43da2cd72c1e378d8d94ecec029fcc61	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2018-0734	Trust: 0.1
title:	-	url:	https://github.com/Qi-Zhan/ps3	Trust: 0.1
title:	vyger	url:	https://github.com/mrodden/vyger	Trust: 0.1
title:	-	url:	https://github.com/vincent-deng/veracode-container-security-finding-parser	Trust: 0.1

sources: VULMON: CVE-2018-0734 // JVNDB: JVNDB-2018-014031

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0734	Trust: 3.0
db:	TENABLE	id:	TNS-2018-16	Trust: 1.5
db:	BID	id:	105758	Trust: 1.5
db:	TENABLE	id:	TNS-2018-17	Trust: 1.2
db:	JVNDB	id:	JVNDB-2018-014031	Trust: 0.8
db:	PACKETSTORM	id:	153932	Trust: 0.2
db:	PACKETSTORM	id:	150683	Trust: 0.2
db:	PACKETSTORM	id:	155160	Trust: 0.2
db:	PACKETSTORM	id:	155417	Trust: 0.2
db:	PACKETSTORM	id:	155416	Trust: 0.2
db:	PACKETSTORM	id:	155414	Trust: 0.1
db:	PACKETSTORM	id:	150437	Trust: 0.1
db:	CNNVD	id:	CNNVD-201810-1435	Trust: 0.1
db:	VULHUB	id:	VHN-118936	Trust: 0.1
db:	VULMON	id:	CVE-2018-0734	Trust: 0.1
db:	PACKETSTORM	id:	150860	Trust: 0.1
db:	PACKETSTORM	id:	150561	Trust: 0.1

sources: VULHUB: VHN-118936 // VULMON: CVE-2018-0734 // BID: 105758 // JVNDB: JVNDB-2018-014031 // PACKETSTORM: 155417 // PACKETSTORM: 150860 // PACKETSTORM: 150561 // PACKETSTORM: 153932 // PACKETSTORM: 155416 // PACKETSTORM: 155160 // PACKETSTORM: 150683 // NVD: CVE-2018-0734

REFERENCES

url:	https://www.openssl.org/news/secadv/20181030.txt	Trust: 1.5
url:	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	Trust: 1.5
url:	https://www.tenable.com/security/tns-2018-16	Trust: 1.5
url:	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	Trust: 1.5
url:	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	Trust: 1.5
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0734	Trust: 1.5
url:	https://access.redhat.com/errata/rhsa-2019:2304	Trust: 1.4
url:	http://www.securityfocus.com/bid/105758	Trust: 1.3
url:	https://access.redhat.com/errata/rhsa-2019:3700	Trust: 1.3
url:	https://access.redhat.com/errata/rhsa-2019:3932	Trust: 1.3
url:	https://access.redhat.com/errata/rhsa-2019:3933	Trust: 1.3
url:	https://usn.ubuntu.com/3840-1/	Trust: 1.3
url:	https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/	Trust: 1.2
url:	https://security.netapp.com/advisory/ntap-20181105-0002/	Trust: 1.2
url:	https://security.netapp.com/advisory/ntap-20190118-0002/	Trust: 1.2
url:	https://security.netapp.com/advisory/ntap-20190423-0002/	Trust: 1.2
url:	https://www.tenable.com/security/tns-2018-17	Trust: 1.2
url:	https://www.debian.org/security/2018/dsa-4348	Trust: 1.2
url:	https://www.debian.org/security/2018/dsa-4355	Trust: 1.2
url:	https://www.oracle.com/security-alerts/cpuapr2020.html	Trust: 1.2
url:	https://www.oracle.com/security-alerts/cpujan2020.html	Trust: 1.2
url:	https://access.redhat.com/errata/rhsa-2019:3935	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html	Trust: 1.2
url:	https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=8abfe72e8c1de1b95f50aa0d9134803b4d00070f	Trust: 1.1
url:	https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=ef11e19d1365eea2b1851e6f540a0bf365d303e7	Trust: 1.1
url:	https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=43e6a58d4991a451daf4891ff05a48735df871ac	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ewc42uxl5ghtu5g77vkbf6jyuungshom/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zbev5qgdrfuzdmnecfxusn5fmyozde4v/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/y3ivfgserazlnjck35tem2r4726xih3z/	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0734	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5407	Trust: 0.5
url:	https://access.redhat.com/articles/11258	Trust: 0.4
url:	https://access.redhat.com/security/team/contact/	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0737	Trust: 0.4
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.4
url:	https://bugzilla.redhat.com/):	Trust: 0.4
url:	https://access.redhat.com/security/team/key/	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2018-0734	Trust: 0.4
url:	https://github.com/openssl/openssl/commit/43e6a58d4991a451daf4891ff05a48735df871ac	Trust: 0.3
url:	https://github.com/openssl/openssl/commit/8abfe72e8c1de1b95f50aa0d9134803b4d00070f	Trust: 0.3
url:	https://github.com/openssl/openssl/commit/ef11e19d1365eea2b1851e6f540a0bf365d303e7	Trust: 0.3
url:	https://www.openssl.org/news/cl102.txt	Trust: 0.3
url:	http://openssl.org/	Trust: 0.3
url:	https://www.openssl.org/news/openssl-1.0.2-notes.html	Trust: 0.3
url:	https://www.openssl.org/news/vulnerabilities.html	Trust: 0.3
url:	https://www.oracle.com/technetwork/topics/security/bulletinapr2019-5462008.html	Trust: 0.3
url:	https://www.oracle.com/technetwork/topics/security/bulletinjan2019-5251593.html	Trust: 0.3
url:	http://aix.software.ibm.com/aix/efixes/security/openssl_advisory29.asc	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0735	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9513	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9511	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9517	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0197	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-17199	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9511	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-17189	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9517	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-0737	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-17199	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9516	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9513	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-0217	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0217	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-0197	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-17189	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9516	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-5407	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-0196	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0196	Trust: 0.2
url:	https://www.debian.org/security/faq	Trust: 0.2
url:	https://www.debian.org/security/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0732	Trust: 0.2
url:	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=43e6a58d4991a451daf4891ff05a48735df871ac	Trust: 0.1
url:	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8abfe72e8c1de1b95f50aa0d9134803b4d00070f	Trust: 0.1
url:	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ef11e19d1365eea2b1851e6f540a0bf365d303e7	Trust: 0.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zbev5qgdrfuzdmnecfxusn5fmyozde4v/	Trust: 0.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/y3ivfgserazlnjck35tem2r4726xih3z/	Trust: 0.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ewc42uxl5ghtu5g77vkbf6jyuungshom/	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/327.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2018-0734	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=59087	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/openssl1.0	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/openssl	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-1559	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1559	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#low	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1543	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-0735	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-1543	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssl/1.1.1-1ubuntu2.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.14	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.27	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssl/1.1.0g-2ubuntu4.3	Trust: 0.1
url:	https://usn.ubuntu.com/usn/usn-3840-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssl1.0/1.0.2n-1ubuntu6.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssl1.0/1.0.2n-1ubuntu5.2	Trust: 0.1

CREDITS

Red Hat

Trust: 0.4

sources: PACKETSTORM: 155417 // PACKETSTORM: 153932 // PACKETSTORM: 155416 // PACKETSTORM: 155160

SOURCES

db:	VULHUB	id:	VHN-118936
db:	VULMON	id:	CVE-2018-0734
db:	BID	id:	105758
db:	JVNDB	id:	JVNDB-2018-014031
db:	PACKETSTORM	id:	155417
db:	PACKETSTORM	id:	150860
db:	PACKETSTORM	id:	150561
db:	PACKETSTORM	id:	153932
db:	PACKETSTORM	id:	155416
db:	PACKETSTORM	id:	155160
db:	PACKETSTORM	id:	150683
db:	NVD	id:	CVE-2018-0734

LAST UPDATE DATE

2025-04-02T22:56:25.052000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118936	date:	2020-08-24T00:00:00
db:	VULMON	id:	CVE-2018-0734	date:	2023-11-07T00:00:00
db:	BID	id:	105758	date:	2019-07-17T08:00:00
db:	JVNDB	id:	JVNDB-2018-014031	date:	2019-03-11T00:00:00
db:	NVD	id:	CVE-2018-0734	date:	2024-11-21T03:38:50.120

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118936	date:	2018-10-30T00:00:00
db:	VULMON	id:	CVE-2018-0734	date:	2018-10-30T00:00:00
db:	BID	id:	105758	date:	2018-10-30T00:00:00
db:	JVNDB	id:	JVNDB-2018-014031	date:	2019-03-11T00:00:00
db:	PACKETSTORM	id:	155417	date:	2019-11-20T21:11:11
db:	PACKETSTORM	id:	150860	date:	2018-12-20T15:05:22
db:	PACKETSTORM	id:	150561	date:	2018-12-03T21:06:37
db:	PACKETSTORM	id:	153932	date:	2019-08-06T21:09:19
db:	PACKETSTORM	id:	155416	date:	2019-11-20T20:55:55
db:	PACKETSTORM	id:	155160	date:	2019-11-06T15:56:37
db:	PACKETSTORM	id:	150683	date:	2018-12-07T01:03:36
db:	NVD	id:	CVE-2018-0734	date:	2018-10-30T12:29:00.257