ID

VAR-201912-1044


CVE

CVE-2019-19956


TITLE

libxml2 Security hole

Trust: 0.6

sources: CNNVD: CNNVD-201912-1088

DESCRIPTION

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1790277 - CVE-2019-20372 nginx: HTTP request smuggling in configurations with URL redirect used as error_page 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution 1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection 1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape 5. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. This advisory provides the following updates among others: * Enhances profile parsing time. * Fixes excessive resource consumption from the Operator. * Fixes default content image. * Fixes outdated remediation handling. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918990 - ComplianceSuite scans use quay content image for initContainer 1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present 1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules 1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module 1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values 1916813 - CVE-2021-20191 ansible: multiple modules expose secured values 1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option 1939349 - CVE-2021-3447 ansible: multiple modules expose secured values 5. Description: Red Hat OpenShift Do (odo) is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based and requires no server within the OpenShift cluster for deployment. It detects changes to local code and deploys it to the cluster automatically, giving instant feedback to validate changes in real-time. It supports multiple programming languages and frameworks. Solution: Download and install a new CLI binary by following the instructions linked from the References section. Bugs fixed (https://bugzilla.redhat.com/): 1832983 - Release of 1.1.3 odo-init-image 5. 8) - aarch64, ppc64le, s390x, x86_64 3. ========================================================================== Ubuntu Security Notice USN-4274-1 February 10, 2020 libxml2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: Several security issues were fixed in libxml2. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19956, CVE-2020-7595) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: libxml2 2.9.4+dfsg1-7ubuntu3.1 libxml2-utils 2.9.4+dfsg1-7ubuntu3.1 Ubuntu 18.04 LTS: libxml2 2.9.4+dfsg1-6.1ubuntu1.3 libxml2-utils 2.9.4+dfsg1-6.1ubuntu1.3 Ubuntu 16.04 LTS: libxml2 2.9.3+dfsg1-1ubuntu0.7 libxml2-utils 2.9.3+dfsg1-1ubuntu0.7 Ubuntu 14.04 ESM: libxml2 2.9.1+dfsg1-3ubuntu4.13+esm1 libxml2-utils 2.9.1+dfsg1-3ubuntu4.13+esm1 Ubuntu 12.04 ESM: libxml2 2.7.8.dfsg-5.1ubuntu4.22 libxml2-utils 2.7.8.dfsg-5.1ubuntu4.22 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: libxml2 security and bug fix update Advisory ID: RHSA-2020:3996-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3996 Issue date: 2020-09-29 CVE Names: CVE-2019-19956 CVE-2019-20388 CVE-2020-7595 ==================================================================== 1. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The desktop must be restarted (log out, then log back in) for this update to take effect. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm ppc64: libxml2-2.9.1-6.el7.5.ppc.rpm libxml2-2.9.1-6.el7.5.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm libxml2-devel-2.9.1-6.el7.5.ppc.rpm libxml2-devel-2.9.1-6.el7.5.ppc64.rpm libxml2-python-2.9.1-6.el7.5.ppc64.rpm ppc64le: libxml2-2.9.1-6.el7.5.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm libxml2-devel-2.9.1-6.el7.5.ppc64le.rpm libxml2-python-2.9.1-6.el7.5.ppc64le.rpm s390x: libxml2-2.9.1-6.el7.5.s390.rpm libxml2-2.9.1-6.el7.5.s390x.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm libxml2-devel-2.9.1-6.el7.5.s390.rpm libxml2-devel-2.9.1-6.el7.5.s390x.rpm libxml2-python-2.9.1-6.el7.5.s390x.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm libxml2-static-2.9.1-6.el7.5.ppc.rpm libxml2-static-2.9.1-6.el7.5.ppc64.rpm ppc64le: libxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm libxml2-static-2.9.1-6.el7.5.ppc64le.rpm s390x: libxml2-debuginfo-2.9.1-6.el7.5.s390.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm libxml2-static-2.9.1-6.el7.5.s390.rpm libxml2-static-2.9.1-6.el7.5.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3OgG9zjgjWX9erEAQg9vhAAiDkPkj6VlpMKDvgVUY4eU83p4bCnZqos e9kVjDMJrHdYR5iXXc665LOYBG0yyDGdvVLeqxjI9S11UDypRyzy641kwBY6eCru 0yaA88aZ4YpQyIARmmK7cIMFe6JRWHOkEsOfMCtjpbkGLteXdzfUFgJnlRFB0Dai OVrZH3kGb5EbKvJGcWY7cqv5jQhpy802a4EhpHQ1q6vFAbO7D1T6vJlCyP0+ba5N ZoMyrCFWaX5TUjiwFkuyAiSZYyPyxo0+dhqgJaSU44BH4p5imV7c1oh10U7/7k+O Y30M2uLOuArD1ad0t2d23EVr8mRKUr+agoLWC8Pwuq2worTArE/395GKXv2Yvtv9 YCvvCNFIcnG5GaJloqhXkTZM2pCr0+n90WLrNZ0suPArycHU74ROfBNErWegvq2e gpFLyu3S1mpjcBG19Gjg1qgh7FKg57s7PbNzcETK5ParBQeZ4dHHpcr9voP52tYD SJ9ILV9unM5jya5Uwooa6GOFGistLQLntZd22zDcPahu0FxvQlyZFV4oInF0m/7h e/h8NgSwyJKNenZATlsOGmjdcMh95Unztu4bfK8S20/Ej8F/B2PE4Kxha2s0bxsC b9fFKBOIdTCeFi2lTyrctEGQl9ksrW/Va6+uQwe5lKQldwhB3of9QolUu7ud+gdx COt/fBH012Y=udpL -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution: See the documentation at: https://access.redhat.com/documentation/en-us/openshift_container_platform/ 4.6/html/serverless_applications/index 4. Bugs fixed (https://bugzilla.redhat.com/): 1874857 - CVE-2020-24553 golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1897643 - CVE-2020-28366 golang: malicious symbol names can lead to code execution at build time 1897646 - CVE-2020-28367 golang: improper validation of cgo flags can lead to code execution at build time 1906381 - Release of OpenShift Serverless Serving 1.12.0 1906382 - Release of OpenShift Serverless Eventing 1.12.0 5

Trust: 1.89

sources: NVD: CVE-2019-19956 // VULMON: CVE-2019-19956 // PACKETSTORM: 160125 // PACKETSTORM: 161727 // PACKETSTORM: 161429 // PACKETSTORM: 162142 // PACKETSTORM: 161916 // PACKETSTORM: 159851 // PACKETSTORM: 156276 // PACKETSTORM: 159349 // PACKETSTORM: 160961 // PACKETSTORM: 159552

AFFECTED PRODUCTS

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:30

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:netappmodel:ontap select deploy administration utilityscope:eqversion: -

Trust: 1.0

vendor:netappmodel:manageability software development kitscope:eqversion: -

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:netappmodel:clustered data ontap antivirus connectorscope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.10

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:32

Trust: 1.0

vendor:oraclemodel:real user experience insightscope:eqversion:13.3.1.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:xmlsoftmodel:libxml2scope:ltversion:2.9.10

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:siemensmodel:sinema remote connect serverscope:ltversion:3.0

Trust: 1.0

sources: NVD: CVE-2019-19956

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-19956
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201912-1088
value: HIGH

Trust: 0.6

VULMON: CVE-2019-19956
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-19956
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2019-19956
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2019-19956 // CNNVD: CNNVD-201912-1088 // NVD: CVE-2019-19956

PROBLEMTYPE DATA

problemtype:CWE-401

Trust: 1.0

sources: NVD: CVE-2019-19956

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201912-1088

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201912-1088

PATCH

title:libxml2 Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=106417

Trust: 0.6

title:Red Hat: Moderate: libxml2 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204479 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: libxml2 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203996 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: libxml2 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4274-1

Trust: 0.1

title:Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202646 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202644 - Security Advisory

Trust: 0.1

title:Amazon Linux AMI: ALAS-2020-1438url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1438

Trust: 0.1

title:Amazon Linux 2: ALAS2-2020-1534url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2020-1534

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=0d160980ab72db34060d62c89304b6f2

Trust: 0.1

title:Red Hat: Moderate: Release of OpenShift Serverless 1.11.0url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20205149 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: security update - Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204255 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204254 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Release of OpenShift Serverless 1.12.0url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210146 - Security Advisory

Trust: 0.1

title:Red Hat: Low: OpenShift Container Platform 4.3.40 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204264 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210190 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Quay v3.3.3 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210050 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210436 - Security Advisory

Trust: 0.1

title:IBM: Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=3201548b0e11fd3ecd83fd36fc045a8e

Trust: 0.1

title:Red Hat: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20205605 - Security Advisory

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title: - url:https://github.com/vincent-deng/veracode-container-security-finding-parser

Trust: 0.1

sources: VULMON: CVE-2019-19956 // CNNVD: CNNVD-201912-1088

EXTERNAL IDS

db:NVDid:CVE-2019-19956

Trust: 2.7

db:SIEMENSid:SSA-292794

Trust: 1.7

db:ICS CERTid:ICSA-21-103-08

Trust: 1.7

db:PACKETSTORMid:160125

Trust: 0.7

db:PACKETSTORMid:161727

Trust: 0.7

db:PACKETSTORMid:161429

Trust: 0.7

db:PACKETSTORMid:162142

Trust: 0.7

db:PACKETSTORMid:161916

Trust: 0.7

db:PACKETSTORMid:159851

Trust: 0.7

db:PACKETSTORMid:156276

Trust: 0.7

db:PACKETSTORMid:159349

Trust: 0.7

db:PACKETSTORMid:160961

Trust: 0.7

db:AUSCERTid:ESB-2021.0584

Trust: 0.6

db:AUSCERTid:ESB-2023.3732

Trust: 0.6

db:AUSCERTid:ESB-2021.1207

Trust: 0.6

db:AUSCERTid:ESB-2020.3535

Trust: 0.6

db:AUSCERTid:ESB-2021.2604

Trust: 0.6

db:AUSCERTid:ESB-2021.1744

Trust: 0.6

db:AUSCERTid:ESB-2020.4513

Trust: 0.6

db:AUSCERTid:ESB-2021.1242

Trust: 0.6

db:AUSCERTid:ESB-2021.1727

Trust: 0.6

db:AUSCERTid:ESB-2021.4058

Trust: 0.6

db:AUSCERTid:ESB-2020.1826

Trust: 0.6

db:AUSCERTid:ESB-2020.2162

Trust: 0.6

db:AUSCERTid:ESB-2020.3364

Trust: 0.6

db:AUSCERTid:ESB-2021.0234

Trust: 0.6

db:AUSCERTid:ESB-2020.3631

Trust: 0.6

db:AUSCERTid:ESB-2020.2475

Trust: 0.6

db:AUSCERTid:ESB-2021.0864

Trust: 0.6

db:AUSCERTid:ESB-2020.0471

Trust: 0.6

db:AUSCERTid:ESB-2021.0845

Trust: 0.6

db:AUSCERTid:ESB-2020.0025

Trust: 0.6

db:AUSCERTid:ESB-2020.3868

Trust: 0.6

db:AUSCERTid:ESB-2021.0986

Trust: 0.6

db:AUSCERTid:ESB-2022.3550

Trust: 0.6

db:AUSCERTid:ESB-2021.0691

Trust: 0.6

db:AUSCERTid:ESB-2020.4100

Trust: 0.6

db:AUSCERTid:ESB-2020.3102

Trust: 0.6

db:AUSCERTid:ESB-2021.0319

Trust: 0.6

db:AUSCERTid:ESB-2021.1193

Trust: 0.6

db:AUSCERTid:ESB-2021.0171

Trust: 0.6

db:AUSCERTid:ESB-2021.0099

Trust: 0.6

db:PACKETSTORMid:160889

Trust: 0.6

db:PACKETSTORMid:159553

Trust: 0.6

db:PACKETSTORMid:159661

Trust: 0.6

db:PACKETSTORMid:162130

Trust: 0.6

db:PACKETSTORMid:161536

Trust: 0.6

db:PACKETSTORMid:158168

Trust: 0.6

db:PACKETSTORMid:162694

Trust: 0.6

db:CS-HELPid:SB2021041514

Trust: 0.6

db:CS-HELPid:SB2021052216

Trust: 0.6

db:CS-HELPid:SB2022072097

Trust: 0.6

db:CS-HELPid:SB2021111735

Trust: 0.6

db:CNNVDid:CNNVD-201912-1088

Trust: 0.6

db:VULMONid:CVE-2019-19956

Trust: 0.1

db:PACKETSTORMid:159552

Trust: 0.1

sources: VULMON: CVE-2019-19956 // PACKETSTORM: 160125 // PACKETSTORM: 161727 // PACKETSTORM: 161429 // PACKETSTORM: 162142 // PACKETSTORM: 161916 // PACKETSTORM: 159851 // PACKETSTORM: 156276 // PACKETSTORM: 159349 // PACKETSTORM: 160961 // PACKETSTORM: 159552 // CNNVD: CNNVD-201912-1088 // NVD: CVE-2019-19956

REFERENCES

url:https://usn.ubuntu.com/4274-1/

Trust: 2.4

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08

Trust: 2.3

url:https://gitlab.gnome.org/gnome/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20200114-0002/

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2020.html

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-19956

Trust: 1.6

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 1.5

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5r55zr52rmbx24tqtwhciwkjvrv6yawi/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jdpf3aavkuakdyfmfksiqsvvs3eefpqh/

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-2019-20388

Trust: 0.9

url:https://access.redhat.com/security/team/contact/

Trust: 0.9

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.9

url:https://bugzilla.redhat.com/):

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.7

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.7

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5r55zr52rmbx24tqtwhciwkjvrv6yawi/

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jdpf3aavkuakdyfmfksiqsvvs3eefpqh/

Trust: 0.6

url:https://www.debian.org/lts/security/2019/dla-2048

Trust: 0.6

url:https://packetstormsecurity.com/files/161536/red-hat-security-advisory-2020-5635-01.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6455281

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3535/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052216

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2162/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1727

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1207

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-libxml2-vulnerabilities-cve-2019-19956-cve-2019-20388-cve-2020-7595/

Trust: 0.6

url:https://packetstormsecurity.com/files/161429/red-hat-security-advisory-2021-0436-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/161727/red-hat-security-advisory-2021-0778-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-4/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0171/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://packetstormsecurity.com/files/159553/red-hat-security-advisory-2020-4255-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4100/

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6520474

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0845

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0025/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0691

Trust: 0.6

url:https://packetstormsecurity.com/files/162694/red-hat-security-advisory-2021-2021-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0099/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4058

Trust: 0.6

url:https://packetstormsecurity.com/files/160889/red-hat-security-advisory-2021-0050-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162130/red-hat-security-advisory-2021-1129-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/160125/red-hat-security-advisory-2020-5149-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/160961/red-hat-security-advisory-2021-0146-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3868/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1744

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072097

Trust: 0.6

url:https://packetstormsecurity.com/files/158168/red-hat-security-advisory-2020-2646-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021111735

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2475/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0319/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0471/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4513/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-network-security-is-affected-by-multiple-vulnerabilities-2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0234/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0584

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-6/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1193

Trust: 0.6

url:https://vigilance.fr/vulnerability/libxml2-memory-leak-via-xmlparsebalancedchunkmemoryrecover-31236

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-flex-system-chassis-management-module-cmm-is-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0864

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.3732

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0986

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-bootable-media-creator-bomc-is-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://packetstormsecurity.com/files/159349/red-hat-security-advisory-2020-3996-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-6/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2604

Trust: 0.6

url:https://packetstormsecurity.com/files/159851/red-hat-security-advisory-2020-4479-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/156276/ubuntu-security-notice-usn-4274-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1242

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041514

Trust: 0.6

url:https://packetstormsecurity.com/files/159661/red-hat-security-advisory-2020-4264-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1826/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3102/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3550

Trust: 0.6

url:https://packetstormsecurity.com/files/161916/red-hat-security-advisory-2021-0949-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162142/red-hat-security-advisory-2021-1079-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-products-are-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-5/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3631/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3364/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-8177

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-20907

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-17006

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-12749

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12401

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-1971

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-17006

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-11719

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-17023

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-17023

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-12749

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-6829

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12403

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-12400

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-11756

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-11756

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12243

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12400

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-11727

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-12243

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-11719

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-11727

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-17498

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-17498

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12402

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-19906

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-13627

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1730

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-6405

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19906

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20387

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13050

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-13050

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20387

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13627

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-14889

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20218

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-5018

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-16168

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13632

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-16168

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20218

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-10029

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13630

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1752

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-9327

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20454

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-19221

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19221

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-16935

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-16935

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13631

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5018

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-14889

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14422

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1751

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20454

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12402

Trust: 0.3

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12401

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12403

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-5188

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-5094

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5188

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5094

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-7595

Trust: 0.3

url:https://access.redhat.com/errata/rhsa-2020:4479

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-1752

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-1730

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless_applications/index

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20916

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13631

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13632

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-10029

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-1551

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-1751

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13630

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-1551

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20916

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-8492

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-14422

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20228

Trust: 0.2

url:https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20191

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20180

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20178

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24659

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20386

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-28362

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20386

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2017-12652

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17546

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14973

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17546

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-12652

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14973

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-5313

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/401.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5149

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12723

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11023

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20372

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10878

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20253

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11023

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0778

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11022

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12723

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5766

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10878

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-5766

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20372

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11022

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35678

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9802

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9895

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15165

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14382

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8812

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3899

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11068

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8819

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3867

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9893

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8808

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3902

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3900

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9805

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8820

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8769

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8813

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9850

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8811

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9803

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9862

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3885

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15503

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10018

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8835

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8764

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8844

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3865

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3864

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14391

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3862

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3901

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8823

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3895

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15165

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11793

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8816

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8771

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3897

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9806

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8814

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9915

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8815

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8783

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20807

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0436

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11068

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8766

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3868

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8846

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8782

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1079

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15999

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3156

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3447

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-5313

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15999

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0949

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-8177

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.4/cli_reference/openshift_developer_cli/installing-odo.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-6829

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

Trust: 0.1

url:https://usn.ubuntu.com/4274-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/libxml2/2.9.4+dfsg1-7ubuntu3.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/libxml2/2.9.3+dfsg1-1ubuntu0.7

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/libxml2/2.9.4+dfsg1-6.1ubuntu1.3

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:3996

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0146

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24553

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24553

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24659

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28366

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28366

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28367

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28367

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19126

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1240

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18874

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12450

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4254

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14822

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14822

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18874

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14365

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19126

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5482

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5482

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-12450

Trust: 0.1

sources: VULMON: CVE-2019-19956 // PACKETSTORM: 160125 // PACKETSTORM: 161727 // PACKETSTORM: 161429 // PACKETSTORM: 162142 // PACKETSTORM: 161916 // PACKETSTORM: 159851 // PACKETSTORM: 156276 // PACKETSTORM: 159349 // PACKETSTORM: 160961 // PACKETSTORM: 159552 // CNNVD: CNNVD-201912-1088 // NVD: CVE-2019-19956

CREDITS

Red Hat

Trust: 0.9

sources: PACKETSTORM: 160125 // PACKETSTORM: 161727 // PACKETSTORM: 161429 // PACKETSTORM: 162142 // PACKETSTORM: 161916 // PACKETSTORM: 159851 // PACKETSTORM: 159349 // PACKETSTORM: 160961 // PACKETSTORM: 159552

SOURCES

db:VULMONid:CVE-2019-19956
db:PACKETSTORMid:160125
db:PACKETSTORMid:161727
db:PACKETSTORMid:161429
db:PACKETSTORMid:162142
db:PACKETSTORMid:161916
db:PACKETSTORMid:159851
db:PACKETSTORMid:156276
db:PACKETSTORMid:159349
db:PACKETSTORMid:160961
db:PACKETSTORMid:159552
db:CNNVDid:CNNVD-201912-1088
db:NVDid:CVE-2019-19956

LAST UPDATE DATE

2025-03-19T22:34:32.611000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2019-19956date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-201912-1088date:2023-06-30T00:00:00
db:NVDid:CVE-2019-19956date:2024-11-21T04:35:44.420

SOURCES RELEASE DATE

db:VULMONid:CVE-2019-19956date:2019-12-24T00:00:00
db:PACKETSTORMid:160125date:2020-11-18T20:48:43
db:PACKETSTORMid:161727date:2021-03-09T16:25:11
db:PACKETSTORMid:161429date:2021-02-16T15:44:48
db:PACKETSTORMid:162142date:2021-04-09T15:06:13
db:PACKETSTORMid:161916date:2021-03-22T15:36:55
db:PACKETSTORMid:159851date:2020-11-04T15:29:08
db:PACKETSTORMid:156276date:2020-02-10T15:35:17
db:PACKETSTORMid:159349date:2020-09-30T15:43:22
db:PACKETSTORMid:160961date:2021-01-15T15:06:55
db:PACKETSTORMid:159552date:2020-10-14T16:52:12
db:CNNVDid:CNNVD-201912-1088date:2019-12-24T00:00:00
db:NVDid:CVE-2019-19956date:2019-12-24T16:15:11.450