ID

VAR-201912-1848


CVE

CVE-2019-8819


TITLE

plural Apple Updates to product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2019-011304

DESCRIPTION

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple Safari prior to 13.0.3; iOS prior to 13.2; iPadOS prior to 13.2; tvOS prior to 13.2; Windows-based iCloud prior to 11.0; Windows-based iTunes prior to 12.10.2; Windows-based versions of iCloud prior to 7.15. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-6237) WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-8601) An out-of-bounds read was addressed with improved input validation. (CVE-2019-8644) A logic issue existed in the handling of synchronous page loads. (CVE-2019-8689) A logic issue existed in the handling of document loads. (CVE-2019-8719) This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. (CVE-2019-8766) "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768) An issue existed in the drawing of web page elements. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769) This issue was addressed with improved iframe sandbox enforcement. (CVE-2019-8846) WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018) A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. A malicious website may be able to cause a denial of service. A DOM object context may not have had a unique security origin. A file URL may be incorrectly processed. (CVE-2020-3885) A race condition was addressed with additional validation. An application may be able to read restricted memory. (CVE-2020-3901) An input validation issue was addressed with improved input validation. (CVE-2020-3902). Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API. These updated images include numerous security fixes, bug fixes, and enhancements. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume 1813506 - Dockerfile not compatible with docker and buildah 1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup 1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement 1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance 1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https) 1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node. 1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default 1842254 - [NooBaa] Compression stats do not add up when compression id disabled 1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster 1849771 - [RFE] Account created by OBC should have same permissions as bucket owner 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot 1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume 1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS 1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount 1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params) 1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14) 1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage 1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards 1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found 1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining 1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script 1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases. 1865938 - CSIDrivers missing in OCS 4.6 1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found) 1868703 - [rbd] After volume expansion, the new size is not reflected on the pod 1869411 - capture full crash information from ceph 1870061 - [RHEL][IBM] OCS un-install should make the devices raw 1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret) 1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform 1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster 1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store 1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError 1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function 1875476 - Change noobaa logo in the noobaa UI 1877339 - Incorrect use of logr 1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect 1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory 1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket 1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW 1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret 1879072 - Deployment with encryption at rest is failing to bring up OSD pods 1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed 1880255 - Collect rbd info and subvolume info and snapshot info command output 1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS 1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed 1882397 - MCG decompression problem with snappy on s390x arch 1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption 1883398 - Update csi sidecar containers in rook 1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash 1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6 1883927 - Deployment with encryption at rest is failing to bring up OSD pods 1885175 - Handle disappeared underlying device for encrypted OSD 1885428 - panic seen in rook-ceph during uninstall - "close of closed channel" 1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall 1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW 1886308 - Default VolumeSnapshot Classes not created in External Mode 1886348 - osd removal job failed with status "Error" 1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB) 1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6 1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall 1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user] 1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state 1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script 1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash 1889441 - Traceback error message while running OCS 4.6 must-gather 1889683 - [GSS] Noobaa Problem when setting public access to a bucket 1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster 1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter" 1890638 - must-gather helper pod should be deleted after collecting ceph crash info 1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port 1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint 1892206 - [GSS] Ceph image/version mismatch 1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test 1893624 - Must Gather is not collecting the tar file from NooBaa diagnose 1893691 - OCS4.6 must_gather failes to complete in 600sec 1893714 - Bad response for upload an object with encryption 1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6 1896298 - [RFE] Monitoring for Namespace buckets and resources 1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs 1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC 1902627 - must-gather should wait for debug pods to be in ready state 1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6 5. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. This advisory provides the following updates among others: * Enhances profile parsing time. * Fixes excessive resource consumption from the Operator. * Fixes default content image. * Fixes outdated remediation handling. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918990 - ComplianceSuite scans use quay content image for initContainer 1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present 1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules 1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console. Bug Fix(es): * Aggregator pod tries to parse ConfigMaps without results (BZ#1899479) * The compliancesuite object returns error with ocp4-cis tailored profile (BZ#1902251) * The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object (BZ#1902634) * [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object (BZ#1907414) * The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator (BZ#1908991) * Applying the "rhcos4-moderate" compliance profile leads to Ignition error "something else exists at that path" (BZ#1909081) * [OCP v46] Always update the default profilebundles on Compliance operator startup (BZ#1909122) 3. Bugs fixed (https://bugzilla.redhat.com/): 1899479 - Aggregator pod tries to parse ConfigMaps without results 1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service 1902251 - The compliancesuite object returns error with ocp4-cis tailored profile 1902634 - The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object 1907414 - [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object 1908991 - The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator 1909081 - Applying the "rhcos4-moderate" compliance profile leads to Ignition error "something else exists at that path" 1909122 - [OCP v46] Always update the default profilebundles on Compliance operator startup 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update Advisory ID: RHSA-2020:4035-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035 Issue date: 2020-09-29 CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506 CVE-2019-8524 CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2019-8571 CVE-2019-8583 CVE-2019-8584 CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8601 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8619 CVE-2019-8622 CVE-2019-8623 CVE-2019-8625 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8674 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8707 CVE-2019-8710 CVE-2019-8719 CVE-2019-8720 CVE-2019-8726 CVE-2019-8733 CVE-2019-8735 CVE-2019-8743 CVE-2019-8763 CVE-2019-8764 CVE-2019-8765 CVE-2019-8766 CVE-2019-8768 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8821 CVE-2019-8822 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-11070 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-10018 CVE-2020-11793 ==================================================================== 1. Summary: An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch 3. Description: WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. The following packages have been upgraded to a later upstream version: webkitgtk4 (2.28.2). (BZ#1817144) Security Fix(es): * webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm x86_64: webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm x86_64: webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm ppc64: webkitgtk4-2.28.2-2.el7.ppc.rpm webkitgtk4-2.28.2-2.el7.ppc64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm ppc64le: webkitgtk4-2.28.2-2.el7.ppc64le.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm s390x: webkitgtk4-2.28.2-2.el7.s390.rpm webkitgtk4-2.28.2-2.el7.s390x.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm webkitgtk4-jsc-2.28.2-2.el7.s390.rpm webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm ppc64: webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm webkitgtk4-devel-2.28.2-2.el7.ppc.rpm webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm s390x: webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm webkitgtk4-devel-2.28.2-2.el7.s390.rpm webkitgtk4-devel-2.28.2-2.el7.s390x.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm These packages are GPG signed by Red Hat for security. References: https://access.redhat.com/security/cve/CVE-2019-6237 https://access.redhat.com/security/cve/CVE-2019-6251 https://access.redhat.com/security/cve/CVE-2019-8506 https://access.redhat.com/security/cve/CVE-2019-8524 https://access.redhat.com/security/cve/CVE-2019-8535 https://access.redhat.com/security/cve/CVE-2019-8536 https://access.redhat.com/security/cve/CVE-2019-8544 https://access.redhat.com/security/cve/CVE-2019-8551 https://access.redhat.com/security/cve/CVE-2019-8558 https://access.redhat.com/security/cve/CVE-2019-8559 https://access.redhat.com/security/cve/CVE-2019-8563 https://access.redhat.com/security/cve/CVE-2019-8571 https://access.redhat.com/security/cve/CVE-2019-8583 https://access.redhat.com/security/cve/CVE-2019-8584 https://access.redhat.com/security/cve/CVE-2019-8586 https://access.redhat.com/security/cve/CVE-2019-8587 https://access.redhat.com/security/cve/CVE-2019-8594 https://access.redhat.com/security/cve/CVE-2019-8595 https://access.redhat.com/security/cve/CVE-2019-8596 https://access.redhat.com/security/cve/CVE-2019-8597 https://access.redhat.com/security/cve/CVE-2019-8601 https://access.redhat.com/security/cve/CVE-2019-8607 https://access.redhat.com/security/cve/CVE-2019-8608 https://access.redhat.com/security/cve/CVE-2019-8609 https://access.redhat.com/security/cve/CVE-2019-8610 https://access.redhat.com/security/cve/CVE-2019-8611 https://access.redhat.com/security/cve/CVE-2019-8615 https://access.redhat.com/security/cve/CVE-2019-8619 https://access.redhat.com/security/cve/CVE-2019-8622 https://access.redhat.com/security/cve/CVE-2019-8623 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8644 https://access.redhat.com/security/cve/CVE-2019-8649 https://access.redhat.com/security/cve/CVE-2019-8658 https://access.redhat.com/security/cve/CVE-2019-8666 https://access.redhat.com/security/cve/CVE-2019-8669 https://access.redhat.com/security/cve/CVE-2019-8671 https://access.redhat.com/security/cve/CVE-2019-8672 https://access.redhat.com/security/cve/CVE-2019-8673 https://access.redhat.com/security/cve/CVE-2019-8674 https://access.redhat.com/security/cve/CVE-2019-8676 https://access.redhat.com/security/cve/CVE-2019-8677 https://access.redhat.com/security/cve/CVE-2019-8678 https://access.redhat.com/security/cve/CVE-2019-8679 https://access.redhat.com/security/cve/CVE-2019-8680 https://access.redhat.com/security/cve/CVE-2019-8681 https://access.redhat.com/security/cve/CVE-2019-8683 https://access.redhat.com/security/cve/CVE-2019-8684 https://access.redhat.com/security/cve/CVE-2019-8686 https://access.redhat.com/security/cve/CVE-2019-8687 https://access.redhat.com/security/cve/CVE-2019-8688 https://access.redhat.com/security/cve/CVE-2019-8689 https://access.redhat.com/security/cve/CVE-2019-8690 https://access.redhat.com/security/cve/CVE-2019-8707 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8719 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8726 https://access.redhat.com/security/cve/CVE-2019-8733 https://access.redhat.com/security/cve/CVE-2019-8735 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8763 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8765 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8768 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8821 https://access.redhat.com/security/cve/CVE-2019-8822 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-11070 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01 RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1 PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467 eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ 1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh PKg+HFNkMjk=dS3G -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ------------------------------------------------------------------------ WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006 ------------------------------------------------------------------------ Date reported : November 08, 2019 Advisory ID : WSA-2019-0006 WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0006.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0006.html CVE identifiers : CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823. Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE-2019-8710 Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0. Credit to found by OSS-Fuzz. CVE-2019-8743 Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0. Credit to zhunki from Codesafe Team of Legendsec at Qi'anxin Group. CVE-2019-8764 Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0. Credit to Sergei Glazunov of Google Project Zero. CVE-2019-8765 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to Samuel Groß of Google Project Zero. CVE-2019-8766 Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0. Credit to found by OSS-Fuzz. CVE-2019-8782 Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0. Credit to Cheolung Lee of LINE+ Security Team. CVE-2019-8783 Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1. Credit to Cheolung Lee of LINE+ Graylab Security Team. CVE-2019-8808 Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0. Credit to found by OSS-Fuzz. CVE-2019-8811 Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1. Credit to Soyeon Park of SSLab at Georgia Tech. CVE-2019-8812 Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before 2.26.2. Credit to an anonymous researcher. CVE-2019-8813 Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1. Credit to an anonymous researcher. CVE-2019-8814 Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before 2.26.2. Credit to Cheolung Lee of LINE+ Security Team. CVE-2019-8815 Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0. Credit to Apple. CVE-2019-8816 Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1. Credit to Soyeon Park of SSLab at Georgia Tech. CVE-2019-8819 Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1. Credit to Cheolung Lee of LINE+ Security Team. CVE-2019-8820 Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1. Credit to Samuel Groß of Google Project Zero. CVE-2019-8821 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to Sergei Glazunov of Google Project Zero. CVE-2019-8822 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to Sergei Glazunov of Google Project Zero. CVE-2019-8823 Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1. Credit to Sergei Glazunov of Google Project Zero. We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK and WPE WebKit team, November 08, 2019 . 8) - aarch64, ppc64le, s390x, x86_64 3. Bugs fixed (https://bugzilla.redhat.com/): 1207179 - Select items matching non existing pattern does not unselect already selected 1566027 - can't correctly compute contents size if hidden files are included 1569868 - Browsing samba shares using gvfs is very slow 1652178 - [RFE] perf-tool run on wayland 1656262 - The terminal's character display is unclear on rhel8 guest after installing gnome 1668895 - [RHEL8] Timedlogin Fails when Userlist is Disabled 1692536 - login screen shows after gnome-initial-setup 1706008 - Sound Effect sometimes fails to change to selected option. 1706076 - Automatic suspend for 90 minutes is set for 80 minutes instead. 1715845 - JS ERROR: TypeError: this._workspacesViews[i] is undefined 1719937 - GNOME Extension: Auto-Move-Windows Not Working Properly 1758891 - tracker-devel subpackage missing from el8 repos 1775345 - Rebase xdg-desktop-portal to 1.6 1778579 - Nautilus does not respect umask settings. 1779691 - Rebase xdg-desktop-portal-gtk to 1.6 1794045 - There are two different high contrast versions of desktop icons 1804719 - Update vte291 to 0.52.4 1805929 - RHEL 8.1 gnome-shell-extension errors 1811721 - CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp 1814820 - No checkbox to install updates in the shutdown dialog 1816070 - "search for an application to open this file" dialog broken 1816678 - CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution 1816684 - CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution 1816686 - CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution 1817143 - Rebase WebKitGTK to 2.28 1820759 - Include IO stall fixes 1820760 - Include IO fixes 1824362 - [BZ] Setting in gnome-tweak-tool Window List will reset upon opening 1827030 - gnome-settings-daemon: subscription notification on CentOS Stream 1829369 - CVE-2020-11793 webkitgtk: use-after-free via crafted web content 1832347 - [Rebase] Rebase pipewire to 0.3.x 1833158 - gdm-related dconf folders and keyfiles are not found in fresh 8.2 install 1837381 - Backport screen cast improvements to 8.3 1837406 - Rebase gnome-remote-desktop to PipeWire 0.3 version 1837413 - Backport changes needed by xdg-desktop-portal-gtk-1.6 1837648 - Vendor.conf should point to https://access.redhat.com/site/solutions/537113 1840080 - Can not control top bar menus via keys in Wayland 1840788 - [flatpak][rhel8] unable to build potrace as dependency 1843486 - Software crash after clicking Updates tab 1844578 - anaconda very rarely crashes at startup with a pygobject traceback 1846191 - usb adapters hotplug crashes gnome-shell 1847051 - JS ERROR: TypeError: area is null 1847061 - File search doesn't work under certain locales 1847062 - gnome-remote-desktop crash on QXL graphics 1847203 - gnome-shell: get_top_visible_window_actor(): gnome-shell killed by SIGSEGV 1853477 - CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow 1854734 - PipeWire 0.2 should be required by xdg-desktop-portal 1866332 - Remove obsolete libusb-devel dependency 1868260 - [Hyper-V][RHEL8] VM starts GUI failed on Hyper-V 2019/2016, hangs at "Started GNOME Display Manager" - GDM regression issue. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: March 15, 2020 Bugs: #699156, #706374, #709612 ID: 202003-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4" References ========== [ 1 ] CVE-2019-8625 https://nvd.nist.gov/vuln/detail/CVE-2019-8625 [ 2 ] CVE-2019-8674 https://nvd.nist.gov/vuln/detail/CVE-2019-8674 [ 3 ] CVE-2019-8707 https://nvd.nist.gov/vuln/detail/CVE-2019-8707 [ 4 ] CVE-2019-8710 https://nvd.nist.gov/vuln/detail/CVE-2019-8710 [ 5 ] CVE-2019-8719 https://nvd.nist.gov/vuln/detail/CVE-2019-8719 [ 6 ] CVE-2019-8720 https://nvd.nist.gov/vuln/detail/CVE-2019-8720 [ 7 ] CVE-2019-8726 https://nvd.nist.gov/vuln/detail/CVE-2019-8726 [ 8 ] CVE-2019-8733 https://nvd.nist.gov/vuln/detail/CVE-2019-8733 [ 9 ] CVE-2019-8735 https://nvd.nist.gov/vuln/detail/CVE-2019-8735 [ 10 ] CVE-2019-8743 https://nvd.nist.gov/vuln/detail/CVE-2019-8743 [ 11 ] CVE-2019-8763 https://nvd.nist.gov/vuln/detail/CVE-2019-8763 [ 12 ] CVE-2019-8764 https://nvd.nist.gov/vuln/detail/CVE-2019-8764 [ 13 ] CVE-2019-8765 https://nvd.nist.gov/vuln/detail/CVE-2019-8765 [ 14 ] CVE-2019-8766 https://nvd.nist.gov/vuln/detail/CVE-2019-8766 [ 15 ] CVE-2019-8768 https://nvd.nist.gov/vuln/detail/CVE-2019-8768 [ 16 ] CVE-2019-8769 https://nvd.nist.gov/vuln/detail/CVE-2019-8769 [ 17 ] CVE-2019-8771 https://nvd.nist.gov/vuln/detail/CVE-2019-8771 [ 18 ] CVE-2019-8782 https://nvd.nist.gov/vuln/detail/CVE-2019-8782 [ 19 ] CVE-2019-8783 https://nvd.nist.gov/vuln/detail/CVE-2019-8783 [ 20 ] CVE-2019-8808 https://nvd.nist.gov/vuln/detail/CVE-2019-8808 [ 21 ] CVE-2019-8811 https://nvd.nist.gov/vuln/detail/CVE-2019-8811 [ 22 ] CVE-2019-8812 https://nvd.nist.gov/vuln/detail/CVE-2019-8812 [ 23 ] CVE-2019-8813 https://nvd.nist.gov/vuln/detail/CVE-2019-8813 [ 24 ] CVE-2019-8814 https://nvd.nist.gov/vuln/detail/CVE-2019-8814 [ 25 ] CVE-2019-8815 https://nvd.nist.gov/vuln/detail/CVE-2019-8815 [ 26 ] CVE-2019-8816 https://nvd.nist.gov/vuln/detail/CVE-2019-8816 [ 27 ] CVE-2019-8819 https://nvd.nist.gov/vuln/detail/CVE-2019-8819 [ 28 ] CVE-2019-8820 https://nvd.nist.gov/vuln/detail/CVE-2019-8820 [ 29 ] CVE-2019-8821 https://nvd.nist.gov/vuln/detail/CVE-2019-8821 [ 30 ] CVE-2019-8822 https://nvd.nist.gov/vuln/detail/CVE-2019-8822 [ 31 ] CVE-2019-8823 https://nvd.nist.gov/vuln/detail/CVE-2019-8823 [ 32 ] CVE-2019-8835 https://nvd.nist.gov/vuln/detail/CVE-2019-8835 [ 33 ] CVE-2019-8844 https://nvd.nist.gov/vuln/detail/CVE-2019-8844 [ 34 ] CVE-2019-8846 https://nvd.nist.gov/vuln/detail/CVE-2019-8846 [ 35 ] CVE-2020-3862 https://nvd.nist.gov/vuln/detail/CVE-2020-3862 [ 36 ] CVE-2020-3864 https://nvd.nist.gov/vuln/detail/CVE-2020-3864 [ 37 ] CVE-2020-3865 https://nvd.nist.gov/vuln/detail/CVE-2020-3865 [ 38 ] CVE-2020-3867 https://nvd.nist.gov/vuln/detail/CVE-2020-3867 [ 39 ] CVE-2020-3868 https://nvd.nist.gov/vuln/detail/CVE-2020-3868 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202003-22 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Description: Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5

Trust: 2.52

sources: NVD: CVE-2019-8819 // JVNDB: JVNDB-2019-011304 // VULHUB: VHN-160254 // VULMON: CVE-2019-8819 // PACKETSTORM: 160624 // PACKETSTORM: 161429 // PACKETSTORM: 161016 // PACKETSTORM: 159375 // PACKETSTORM: 155216 // PACKETSTORM: 159816 // PACKETSTORM: 156742 // PACKETSTORM: 168011

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:13.2

Trust: 1.0

vendor:applemodel:safariscope:ltversion:13.0.3

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:13.2

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:13.2

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.15

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.10.2

Trust: 1.0

vendor:applemodel:icloudscope:gteversion:10.0

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:10.8

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:for windows 11.0 earlier

Trust: 0.8

vendor:applemodel:icloudscope:ltversion:for windows 7.15 earlier

Trust: 0.8

vendor:applemodel:iosscope:ltversion:13.2 earlier

Trust: 0.8

vendor:applemodel:ipadosscope:ltversion:13.2 earlier

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:12.10.2 for windows earlier

Trust: 0.8

vendor:applemodel:macos catalinascope:ltversion:10.15.1 earlier

Trust: 0.8

vendor:applemodel:macos high sierrascope:eqversion:10.13.6 (security update 2019-006 not applied )

Trust: 0.8

vendor:applemodel:macos mojavescope:eqversion:10.14.6 (security update 2019-001 not applied )

Trust: 0.8

vendor:applemodel:safariscope:ltversion:13.0.3 earlier

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:13.2 earlier

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:6.1 earlier

Trust: 0.8

vendor:applemodel:xcodescope:ltversion:11.2 earlier

Trust: 0.8

sources: JVNDB: JVNDB-2019-011304 // NVD: CVE-2019-8819

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-8819
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201910-1757
value: HIGH

Trust: 0.6

VULHUB: VHN-160254
value: MEDIUM

Trust: 0.1

VULMON: CVE-2019-8819
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-8819
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-160254
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-8819
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-160254 // VULMON: CVE-2019-8819 // CNNVD: CNNVD-201910-1757 // NVD: CVE-2019-8819

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.1

sources: VULHUB: VHN-160254 // NVD: CVE-2019-8819

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 160624 // PACKETSTORM: 168011 // CNNVD: CNNVD-201910-1757

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201910-1757

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-011304

PATCH

title:About the security content of iCloud for Windows 11.0url:https://support.apple.com/en-us/HT210727

Trust: 0.8

title:About the security content of iCloud for Windows 7.15url:https://support.apple.com/en-us/HT210728

Trust: 0.8

title:About the security content of iOS 13.2 and iPadOS 13.2url:https://support.apple.com/en-us/HT210721

Trust: 0.8

title:About the security content of Xcode 11.2url:https://support.apple.com/en-us/HT210729

Trust: 0.8

title:About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006url:https://support.apple.com/en-us/HT210722

Trust: 0.8

title:About the security content of tvOS 13.2url:https://support.apple.com/en-us/HT210723

Trust: 0.8

title:About the security content of watchOS 6.1url:https://support.apple.com/en-us/HT210724

Trust: 0.8

title:About the security content of Safari 13.0.3url:https://support.apple.com/en-us/HT210725

Trust: 0.8

title:About the security content of iTunes 12.10.2 for Windowsurl:https://support.apple.com/en-us/HT210726

Trust: 0.8

title:Mac に搭載されている macOS を調べるurl:https://support.apple.com/ja-jp/HT201260

Trust: 0.8

title:Multiple Apple product WebKit Fix for component buffer error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105603

Trust: 0.6

title:Red Hat: Moderate: GNOME security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204451 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Quay v3.3.3 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210050 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210190 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Service Telemetry Framework 1.4 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225924 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: webkitgtk4 security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204035 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210436 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.10.3 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220056 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20205605 - Security Advisory

Trust: 0.1

title:Amazon Linux 2: ALAS2-2020-1563url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2020-1563

Trust: 0.1

sources: VULMON: CVE-2019-8819 // JVNDB: JVNDB-2019-011304 // CNNVD: CNNVD-201910-1757

EXTERNAL IDS

db:NVDid:CVE-2019-8819

Trust: 3.4

db:PACKETSTORMid:159816

Trust: 0.8

db:JVNid:JVNVU96749516

Trust: 0.8

db:JVNDBid:JVNDB-2019-011304

Trust: 0.8

db:CNNVDid:CNNVD-201910-1757

Trust: 0.7

db:PACKETSTORMid:155216

Trust: 0.7

db:PACKETSTORMid:156742

Trust: 0.7

db:AUSCERTid:ESB-2020.4513

Trust: 0.6

db:AUSCERTid:ESB-2020.1549

Trust: 0.6

db:AUSCERTid:ESB-2019.4012

Trust: 0.6

db:AUSCERTid:ESB-2022.1025

Trust: 0.6

db:AUSCERTid:ESB-2021.0864

Trust: 0.6

db:AUSCERTid:ESB-2021.0691

Trust: 0.6

db:AUSCERTid:ESB-2019.4233

Trust: 0.6

db:AUSCERTid:ESB-2021.0584

Trust: 0.6

db:AUSCERTid:ESB-2021.0099

Trust: 0.6

db:AUSCERTid:ESB-2020.3399

Trust: 0.6

db:AUSCERTid:ESB-2021.0234

Trust: 0.6

db:AUSCERTid:ESB-2019.4456

Trust: 0.6

db:AUSCERTid:ESB-2020.3893

Trust: 0.6

db:PACKETSTORMid:155069

Trust: 0.6

db:CNVDid:CNVD-2020-14245

Trust: 0.1

db:VULHUBid:VHN-160254

Trust: 0.1

db:VULMONid:CVE-2019-8819

Trust: 0.1

db:PACKETSTORMid:160624

Trust: 0.1

db:PACKETSTORMid:161429

Trust: 0.1

db:PACKETSTORMid:161016

Trust: 0.1

db:PACKETSTORMid:159375

Trust: 0.1

db:PACKETSTORMid:168011

Trust: 0.1

sources: VULHUB: VHN-160254 // VULMON: CVE-2019-8819 // JVNDB: JVNDB-2019-011304 // PACKETSTORM: 160624 // PACKETSTORM: 161429 // PACKETSTORM: 161016 // PACKETSTORM: 159375 // PACKETSTORM: 155216 // PACKETSTORM: 159816 // PACKETSTORM: 156742 // PACKETSTORM: 168011 // CNNVD: CNNVD-201910-1757 // NVD: CVE-2019-8819

REFERENCES

url:https://security.gentoo.org/glsa/202003-22

Trust: 1.9

url:https://support.apple.com/ht210721

Trust: 1.8

url:https://support.apple.com/ht210723

Trust: 1.8

url:https://support.apple.com/ht210725

Trust: 1.8

url:https://support.apple.com/ht210726

Trust: 1.8

url:https://support.apple.com/ht210727

Trust: 1.8

url:https://support.apple.com/ht210728

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8819

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-8710

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-8743

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-8812

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8813

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8764

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8823

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8814

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8815

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8766

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8816

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8782

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8820

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8783

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8811

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8822

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-8765

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-8821

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-8735

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8788

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8803

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8815

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8766

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8735

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8789

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8804

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8816

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8775

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8793

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8805

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8710

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8819

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8782

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8794

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8807

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8743

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8820

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8783

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8795

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8811

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8747

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8821

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8784

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8797

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8812

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8750

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8822

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8785

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8798

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8813

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8764

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8823

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8786

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8802

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8814

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8765

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8787

Trust: 0.8

url:https://jvn.jp/vu/jvnvu96749516/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8750

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8785

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8797

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8786

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8798

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8787

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8802

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8788

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8803

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8804

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8775

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8789

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8805

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8793

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8807

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8794

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8747

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8784

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8795

Trust: 0.8

url:https://wpewebkit.org/security/wsa-2019-0006.html

Trust: 0.7

url:https://webkitgtk.org/security/wsa-2019-0006.html

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2019-8625

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8812

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3899

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8819

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3867

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8720

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8808

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3902

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3900

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8820

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8769

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8710

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8813

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8811

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3885

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-10018

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8835

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8764

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8844

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3865

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3864

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3862

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3901

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8823

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3895

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-11793

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8816

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8771

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3897

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8814

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8743

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8815

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8783

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8766

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8846

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3868

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-3894

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-8782

Trust: 0.6

url:https://support.apple.com/en-au/ht201222

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193044-1.html

Trust: 0.6

url:https://support.apple.com/en-us/ht210725

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1025

Trust: 0.6

url:https://support.apple.com/en-us/ht210728

Trust: 0.6

url:https://packetstormsecurity.com/files/155069/apple-security-advisory-2019-10-29-3.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1549/

Trust: 0.6

url:https://packetstormsecurity.com/files/159816/red-hat-security-advisory-2020-4451-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0864

Trust: 0.6

url:https://packetstormsecurity.com/files/155216/webkitgtk-wpe-webkit-code-execution-xss.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4456/

Trust: 0.6

url:https://packetstormsecurity.com/files/156742/gentoo-linux-security-advisory-202003-22.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0691

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4012/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4233/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4513/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-30746

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0099/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0234/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0584

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3399/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3893/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-9925

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9802

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9895

Trust: 0.5

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9893

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9805

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9807

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9850

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9803

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9862

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-15503

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-14391

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9894

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9843

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9806

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-9915

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-8720

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-8625

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-13050

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-1730

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-20454

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-13627

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-13050

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-14889

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-20807

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20218

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-15165

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14382

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-11068

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19221

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-18197

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1751

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-16168

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8177

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-9327

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-1551

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-16935

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20916

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5018

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14422

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19906

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20387

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1752

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8492

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-6405

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13632

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-10029

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13630

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-11068

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13631

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20454

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20807

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-14889

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13627

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8808

Trust: 0.3

url:https://access.redhat.com/errata/rhsa-2020:4451

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-18197

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20907

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19906

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-5018

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24659

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19956

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-1551

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20387

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20916

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19221

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15165

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-16935

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20388

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-16168

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20218

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8835

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8771

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8769

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8844

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3862

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8846

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://seclists.org/fulldisclosure/2019/oct/50

Trust: 0.1

url:https://alas.aws.amazon.com/al2/alas-2020-1563.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16300

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14466

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10105

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15166

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16230

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18609

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-16845

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14467

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10103

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14469

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16229

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14882

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16227

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14461

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14881

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14464

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14463

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16228

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14879

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_openshift_container_s

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14469

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10105

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14880

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14461

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5605

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25660

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14468

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14466

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14882

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15586

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16227

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14464

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16452

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16230

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14468

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14467

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14462

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14880

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14881

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16300

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14462

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16229

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16451

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10103

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16228

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14463

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16451

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14879

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14019

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14470

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14470

Trust: 0.1

url:https://bugzilla.redhat.com/show_bug.cgi?id=1885700]

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16452

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-7720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8237

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20386

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20386

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0436

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17450

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0190

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17450

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27813

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8768

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8535

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8611

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8544

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8611

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-6251

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8676

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8583

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8608

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11070

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8597

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8607

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8733

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8707

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8658

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8535

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8623

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8551

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8594

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8609

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8587

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8690

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8601

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8524

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8688

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8595

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8765

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8601

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8596

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8524

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8821

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8536

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8686

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8671

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8763

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8544

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8571

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8677

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8595

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8558

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8679

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8594

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8674

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8619

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8622

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8678

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8681

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8584

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-6237

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8669

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8673

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4035

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8559

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8687

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8558

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8672

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8608

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8615

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8666

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8571

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8684

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8689

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8735

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8563

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8551

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8586

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8726

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8615

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8596

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8610

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8610

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11070

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8644

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-6237

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8607

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8506

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8584

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8563

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8536

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8586

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8680

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8559

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-6251

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8609

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8822

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8587

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8683

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8506

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8649

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8583

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8597

Trust: 0.1

url:https://wpewebkit.org/security/.

Trust: 0.1

url:https://webkitgtk.org/security.html

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11793

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10018

Trust: 0.1

url:https://access.redhat.com/site/solutions/537113

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14391

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15503

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3867

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3868

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8733

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8707

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3864

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3865

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8674

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8763

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8768

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8726

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30761

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-14502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-10228

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1000858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33938

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27618

Trust: 0.1

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-10228

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9952

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24407

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36222

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3326

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20305

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22946

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1000858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-14502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15358

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29361

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9169

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3518

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33930

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3541

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33929

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8927

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3520

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22947

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3521

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25013

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3537

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30666

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3517

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33928

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30631

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23852

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3516

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5924

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13434

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25013

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30762

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0778

Trust: 0.1

sources: VULHUB: VHN-160254 // VULMON: CVE-2019-8819 // JVNDB: JVNDB-2019-011304 // PACKETSTORM: 160624 // PACKETSTORM: 161429 // PACKETSTORM: 161016 // PACKETSTORM: 159375 // PACKETSTORM: 155216 // PACKETSTORM: 159816 // PACKETSTORM: 156742 // PACKETSTORM: 168011 // CNNVD: CNNVD-201910-1757 // NVD: CVE-2019-8819

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 160624 // PACKETSTORM: 161429 // PACKETSTORM: 161016 // PACKETSTORM: 159375 // PACKETSTORM: 159816 // PACKETSTORM: 168011

SOURCES

db:VULHUBid:VHN-160254
db:VULMONid:CVE-2019-8819
db:JVNDBid:JVNDB-2019-011304
db:PACKETSTORMid:160624
db:PACKETSTORMid:161429
db:PACKETSTORMid:161016
db:PACKETSTORMid:159375
db:PACKETSTORMid:155216
db:PACKETSTORMid:159816
db:PACKETSTORMid:156742
db:PACKETSTORMid:168011
db:CNNVDid:CNNVD-201910-1757
db:NVDid:CVE-2019-8819

LAST UPDATE DATE

2024-11-20T19:59:03.819000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-160254date:2020-03-15T00:00:00
db:VULMONid:CVE-2019-8819date:2021-12-01T00:00:00
db:JVNDBid:JVNDB-2019-011304date:2020-01-07T00:00:00
db:CNNVDid:CNNVD-201910-1757date:2022-03-11T00:00:00
db:NVDid:CVE-2019-8819date:2021-12-01T17:36:55.873

SOURCES RELEASE DATE

db:VULHUBid:VHN-160254date:2019-12-18T00:00:00
db:VULMONid:CVE-2019-8819date:2019-12-18T00:00:00
db:JVNDBid:JVNDB-2019-011304date:2019-11-01T00:00:00
db:PACKETSTORMid:160624date:2020-12-18T19:14:41
db:PACKETSTORMid:161429date:2021-02-16T15:44:48
db:PACKETSTORMid:161016date:2021-01-19T14:45:45
db:PACKETSTORMid:159375date:2020-09-30T15:47:21
db:PACKETSTORMid:155216date:2019-11-08T15:45:31
db:PACKETSTORMid:159816date:2020-11-04T15:24:00
db:PACKETSTORMid:156742date:2020-03-15T14:00:23
db:PACKETSTORMid:168011date:2022-08-09T14:36:05
db:CNNVDid:CNNVD-201910-1757date:2019-10-30T00:00:00
db:NVDid:CVE-2019-8819date:2019-12-18T18:15:44.413