ID

VAR-202010-0251


CVE

CVE-2019-17006


TITLE

Mozilla NSS Data forgery problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201912-1134

DESCRIPTION

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow. Bug Fix(es): * Gather image registry config (backport to 4.3) (BZ#1836815) * Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist (BZ#1849176) * Login with OpenShift not working after cluster upgrade (BZ#1852429) * Limit the size of gathered federated metrics from alerts in Insights Operator (BZ#1874018) * [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs (BZ#1879110) * [release 4.3] OpenShift APIs become unavailable for more than 15 minutes after one of master nodes went down(OAuth) (BZ#1880293) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-x86_64 The image digest is sha256:9ff90174a170379e90a9ead6e0d8cf6f439004191f80762764a5ca3dbaab01dc (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-s390x The image digest is sha256:605ddde0442e604cfe2d6bd1541ce48df5956fe626edf9cc95b1fca75d231b64 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-ppc64le The image digest is sha256:d3c9e391c145338eae3feb7f6a4e487dadc8139a353117d642fe686d277bcccc 3. Solution: For OpenShift Container Platform 4.3 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.3/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1836815 - Gather image registry config (backport to 4.3) 1849176 - Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist 1874018 - Limit the size of gathered federated metrics from alerts in Insights Operator 1874399 - [DR] etcd-member-recover.sh fails to pull image with unauthorized 1879110 - [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs 5. 7.7) - ppc64, ppc64le, s390x, x86_64 3. Ansible Automation Platform manages Ansible Platform jobs and workflows that can interface with any infrastructure on a Red Hat OpenShift Container Platform cluster, or on a traditional infrastructure that is running off-cluster. Bugs fixed (https://bugzilla.redhat.com/): 1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module 1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values 1916813 - CVE-2021-20191 ansible: multiple modules expose secured values 1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option 1939349 - CVE-2021-3447 ansible: multiple modules expose secured values 5. Description: Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 5. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Description: Red Hat OpenShift Do (odo) is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based and requires no server within the OpenShift cluster for deployment. It detects changes to local code and deploys it to the cluster automatically, giving instant feedback to validate changes in real-time. It supports multiple programming languages and frameworks. The advisory addresses the following issues: * Re-release of odo-init-image 1.1.3 for security updates 3. Solution: Download and install a new CLI binary by following the instructions linked from the References section. Bugs fixed (https://bugzilla.redhat.com/): 1832983 - Release of 1.1.3 odo-init-image 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: nss and nspr security, bug fix, and enhancement update Advisory ID: RHSA-2020:3280-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3280 Issue date: 2020-08-03 CVE Names: CVE-2019-11756 CVE-2019-17006 CVE-2019-17023 CVE-2020-12402 ==================================================================== 1. Summary: An update for nss and nspr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550) Security Fix(es): * nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Install of update of nss.x86_64 adds i686 into transaction (BZ#1663187) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1691409) * TLS Keying Material Exporter is unsupported by command line tools (BZ#1691454) * TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible (BZ#1711375) * Make TLS 1.3 work in FIPS mode (BZ#1724250) * NSS rejects records with large padding with SHA384 HMAC (BZ#1750921) * NSS missing IKEv1 Quick Mode KDF (BZ#1809637) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1825270) * FIPS needs nss to restrict valid dh primes to those primes that are approved. (BZ#1854564) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1855825) Enhancement(s): * [RFE] nss should use AES for storage of keys (BZ#1723819) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1663187 - Install of update of nss.x86_64 adds i686 into transaction 1691454 - TLS Keying Material Exporter is unsupported by command line tools 1711375 - TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible 1724250 - Make TLS 1.3 work in FIPS mode [rhel-8] 1750921 - NSS rejects records with large padding with SHA384 HMAC 1774835 - CVE-2019-11756 nss: UAF in sftk_FreeSession due to improper refcounting 1775916 - CVE-2019-17006 nss: Check length of inputs for cryptographic primitives 1791225 - CVE-2019-17023 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state 1809637 - NSS missing IKEv1 Quick Mode KDF 1825270 - Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name 1826231 - CVE-2020-12402 nss: Side channel vulnerabilities during RSA key generation 1854564 - FIPS needs nss to restrict valid dh primes to those primes that are approved. [rhel-8.2.0.z] 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: nspr-4.25.0-2.el8_2.src.rpm nss-3.53.1-11.el8_2.src.rpm aarch64: nspr-4.25.0-2.el8_2.aarch64.rpm nspr-debuginfo-4.25.0-2.el8_2.aarch64.rpm nspr-debugsource-4.25.0-2.el8_2.aarch64.rpm nspr-devel-4.25.0-2.el8_2.aarch64.rpm nss-3.53.1-11.el8_2.aarch64.rpm nss-debuginfo-3.53.1-11.el8_2.aarch64.rpm nss-debugsource-3.53.1-11.el8_2.aarch64.rpm nss-devel-3.53.1-11.el8_2.aarch64.rpm nss-softokn-3.53.1-11.el8_2.aarch64.rpm nss-softokn-debuginfo-3.53.1-11.el8_2.aarch64.rpm nss-softokn-devel-3.53.1-11.el8_2.aarch64.rpm nss-softokn-freebl-3.53.1-11.el8_2.aarch64.rpm nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.aarch64.rpm nss-softokn-freebl-devel-3.53.1-11.el8_2.aarch64.rpm nss-sysinit-3.53.1-11.el8_2.aarch64.rpm nss-sysinit-debuginfo-3.53.1-11.el8_2.aarch64.rpm nss-tools-3.53.1-11.el8_2.aarch64.rpm nss-tools-debuginfo-3.53.1-11.el8_2.aarch64.rpm nss-util-3.53.1-11.el8_2.aarch64.rpm nss-util-debuginfo-3.53.1-11.el8_2.aarch64.rpm nss-util-devel-3.53.1-11.el8_2.aarch64.rpm ppc64le: nspr-4.25.0-2.el8_2.ppc64le.rpm nspr-debuginfo-4.25.0-2.el8_2.ppc64le.rpm nspr-debugsource-4.25.0-2.el8_2.ppc64le.rpm nspr-devel-4.25.0-2.el8_2.ppc64le.rpm nss-3.53.1-11.el8_2.ppc64le.rpm nss-debuginfo-3.53.1-11.el8_2.ppc64le.rpm nss-debugsource-3.53.1-11.el8_2.ppc64le.rpm nss-devel-3.53.1-11.el8_2.ppc64le.rpm nss-softokn-3.53.1-11.el8_2.ppc64le.rpm nss-softokn-debuginfo-3.53.1-11.el8_2.ppc64le.rpm nss-softokn-devel-3.53.1-11.el8_2.ppc64le.rpm nss-softokn-freebl-3.53.1-11.el8_2.ppc64le.rpm nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.ppc64le.rpm nss-softokn-freebl-devel-3.53.1-11.el8_2.ppc64le.rpm nss-sysinit-3.53.1-11.el8_2.ppc64le.rpm nss-sysinit-debuginfo-3.53.1-11.el8_2.ppc64le.rpm nss-tools-3.53.1-11.el8_2.ppc64le.rpm nss-tools-debuginfo-3.53.1-11.el8_2.ppc64le.rpm nss-util-3.53.1-11.el8_2.ppc64le.rpm nss-util-debuginfo-3.53.1-11.el8_2.ppc64le.rpm nss-util-devel-3.53.1-11.el8_2.ppc64le.rpm s390x: nspr-4.25.0-2.el8_2.s390x.rpm nspr-debuginfo-4.25.0-2.el8_2.s390x.rpm nspr-debugsource-4.25.0-2.el8_2.s390x.rpm nspr-devel-4.25.0-2.el8_2.s390x.rpm nss-3.53.1-11.el8_2.s390x.rpm nss-debuginfo-3.53.1-11.el8_2.s390x.rpm nss-debugsource-3.53.1-11.el8_2.s390x.rpm nss-devel-3.53.1-11.el8_2.s390x.rpm nss-softokn-3.53.1-11.el8_2.s390x.rpm nss-softokn-debuginfo-3.53.1-11.el8_2.s390x.rpm nss-softokn-devel-3.53.1-11.el8_2.s390x.rpm nss-softokn-freebl-3.53.1-11.el8_2.s390x.rpm nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.s390x.rpm nss-softokn-freebl-devel-3.53.1-11.el8_2.s390x.rpm nss-sysinit-3.53.1-11.el8_2.s390x.rpm nss-sysinit-debuginfo-3.53.1-11.el8_2.s390x.rpm nss-tools-3.53.1-11.el8_2.s390x.rpm nss-tools-debuginfo-3.53.1-11.el8_2.s390x.rpm nss-util-3.53.1-11.el8_2.s390x.rpm nss-util-debuginfo-3.53.1-11.el8_2.s390x.rpm nss-util-devel-3.53.1-11.el8_2.s390x.rpm x86_64: nspr-4.25.0-2.el8_2.i686.rpm nspr-4.25.0-2.el8_2.x86_64.rpm nspr-debuginfo-4.25.0-2.el8_2.i686.rpm nspr-debuginfo-4.25.0-2.el8_2.x86_64.rpm nspr-debugsource-4.25.0-2.el8_2.i686.rpm nspr-debugsource-4.25.0-2.el8_2.x86_64.rpm nspr-devel-4.25.0-2.el8_2.i686.rpm nspr-devel-4.25.0-2.el8_2.x86_64.rpm nss-3.53.1-11.el8_2.i686.rpm nss-3.53.1-11.el8_2.x86_64.rpm nss-debuginfo-3.53.1-11.el8_2.i686.rpm nss-debuginfo-3.53.1-11.el8_2.x86_64.rpm nss-debugsource-3.53.1-11.el8_2.i686.rpm nss-debugsource-3.53.1-11.el8_2.x86_64.rpm nss-devel-3.53.1-11.el8_2.i686.rpm nss-devel-3.53.1-11.el8_2.x86_64.rpm nss-softokn-3.53.1-11.el8_2.i686.rpm nss-softokn-3.53.1-11.el8_2.x86_64.rpm nss-softokn-debuginfo-3.53.1-11.el8_2.i686.rpm nss-softokn-debuginfo-3.53.1-11.el8_2.x86_64.rpm nss-softokn-devel-3.53.1-11.el8_2.i686.rpm nss-softokn-devel-3.53.1-11.el8_2.x86_64.rpm nss-softokn-freebl-3.53.1-11.el8_2.i686.rpm nss-softokn-freebl-3.53.1-11.el8_2.x86_64.rpm nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.i686.rpm nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.x86_64.rpm nss-softokn-freebl-devel-3.53.1-11.el8_2.i686.rpm nss-softokn-freebl-devel-3.53.1-11.el8_2.x86_64.rpm nss-sysinit-3.53.1-11.el8_2.x86_64.rpm nss-sysinit-debuginfo-3.53.1-11.el8_2.i686.rpm nss-sysinit-debuginfo-3.53.1-11.el8_2.x86_64.rpm nss-tools-3.53.1-11.el8_2.x86_64.rpm nss-tools-debuginfo-3.53.1-11.el8_2.i686.rpm nss-tools-debuginfo-3.53.1-11.el8_2.x86_64.rpm nss-util-3.53.1-11.el8_2.i686.rpm nss-util-3.53.1-11.el8_2.x86_64.rpm nss-util-debuginfo-3.53.1-11.el8_2.i686.rpm nss-util-debuginfo-3.53.1-11.el8_2.x86_64.rpm nss-util-devel-3.53.1-11.el8_2.i686.rpm nss-util-devel-3.53.1-11.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-11756 https://access.redhat.com/security/cve/CVE-2019-17006 https://access.redhat.com/security/cve/CVE-2019-17023 https://access.redhat.com/security/cve/CVE-2020-12402 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXygK2tzjgjWX9erEAQh0Aw/+LaczkzsxBl+tYKZywwODehAp/M3l8/jt fB2SDHzLAHWCW8rs6S0c9Xu2Bgny8JnCh3sqHHZU3FfUjc7sb1OXhLrBNpLBcuqi lEsVxW1DTDggVG+L6NPCttadHFiPofFW6uVAJe0PaZzsMxHwXCxL+YJriAIzt0vf /dTUEUPVo1erv/DjfI3jycgKwmgeVpsZEcame/vD0gcSx3nBvdjFsCpSU9lddcp4 ziKp5Dh/nHF50ARggt4xQcU5q6g6Zpd7qlp3NeWOZCPk/HidlVPO3ertrhcM4BzZ abND+jg3cPAu+drzlb0qhxDxrXLmGpK6JxcieMcj4Uqw117IxrSfep9AtFol7tjb it81cjQh8MOHxHisBMeiY9LM6Cqu6dED+CKynaBKSVJIjko0nzlzst0vVDAsvxB4 qQFD5kWJ47jEkH2E8sFIS2IU4+yASHiWi8D+ybZjz4uiQG3CtYgE7YTbowoE/Ecw bFigQXNmjj6np61h1Y7zMsZt2VRp4nQfk0tbmLgcdS/eRKBzs7nr0NfvTo/vWvQT /wRkDSf2DuoPgFYGIIc2OaMt3OCBZJsVWSIusmS3PmUglVIhHbbA5XacMLwJxzuz oHp62/RF0+yVfSQFggjn6lWqxqMCTvXbczH6yDSelxx6+4CLi88jjLh7ujr7mmnV WWt+Qo5f7BI=oabi -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . For the stable distribution (buster), these problems have been fixed in version 2:3.42.1-1+deb10u3. For the detailed security status of nss please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nss Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8R6BYACgkQEMKTtsN8 Tjbolg/9H3VC4r4Wmc8A4OejmH67QEZqyhzCxvd4UCpvLTJuY9JOYGy3KVhClnsz XDTqyQ8k5ez7OQt5HLy3giLJpMKUSYuSDJSbK0A3DTO5bKVg17Uol5X6RA7Coz/2 yJRRWH03dTfRoqaWQ8xHigBChTxMdYhkvh6433DzLpbuj+FV77FcivjTxZB2zFrp tHuvzN9exI4+aZCFAZPyRFct0vYHpHCP8qzgD+FMflInzBAARFPjnx8+c50+Hlp2 cB/Iq3L5EiE5T1azAAD8fgKqEGnF9OHjWxBONhXqXwhvnKKqfrLIpMf+oBvr8OEZ rKZElK0wQb6z24vDiDxFR8C8EuigYpV3YDsWwu3V8M71igw8DJseHQ/UnC4dT/Y3 QTtNtcWcheM5qiOnkiHCCZsybglI6NbdxPwfnhv9ltnunipFPtE8A56QQuOXGIcc 4P/5tRlRwAVSy+JZVCbJu7jrBe/y02RYXb6Sv5hZ0iqUAZadiFlJC0WdvWAOLJsL Z/IrRkH7KMwchOAxp5NY6qHfxXHKjFvfahglFkDsaYoEwVROKjhG5idn3NVCc656 tP5rcl1dQY4LHQZEESgps86uJGy9+8NpHHU9v9fqFZNlkBfYBWTZv0otzssOwPfu QIq7f2J77JHM8ldYzmfDVQnWBnKpnjc/B8UmvaaAkEM73N3MPu0= =VQPA -----END PGP SIGNATURE-----

Trust: 1.71

sources: NVD: CVE-2019-17006 // VULMON: CVE-2019-17006 // PACKETSTORM: 159661 // PACKETSTORM: 162026 // PACKETSTORM: 162142 // PACKETSTORM: 162130 // PACKETSTORM: 159553 // PACKETSTORM: 161916 // PACKETSTORM: 158724 // PACKETSTORM: 168879

AFFECTED PRODUCTS

vendor:siemensmodel:ruggedcom rox rx1400scope:ltversion:2.14.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rox rx1512scope:ltversion:2.14.0

Trust: 1.0

vendor:netappmodel:hci storage nodescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:ruggedcom rox rx1510scope:ltversion:2.14.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rox rx5000scope:ltversion:2.14.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rox rx1501scope:ltversion:2.14.0

Trust: 1.0

vendor:netappmodel:hci management nodescope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:netappmodel:hci compute nodescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:ruggedcom rox rx1511scope:ltversion:2.14.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rox mx5000scope:ltversion:2.14.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rox rx1500scope:ltversion:2.14.0

Trust: 1.0

vendor:mozillamodel:network security servicesscope:ltversion:3.46

Trust: 1.0

sources: NVD: CVE-2019-17006

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-17006
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-201912-1134
value: CRITICAL

Trust: 0.6

VULMON: CVE-2019-17006
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-17006
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2019-17006
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2019-17006 // CNNVD: CNNVD-201912-1134 // NVD: CVE-2019-17006

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-20

Trust: 1.0

sources: NVD: CVE-2019-17006

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201912-1134

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201912-1134

PATCH

title:Mozilla Network Security Services Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105845

Trust: 0.6

title:Ubuntu Security Notice: nss vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4231-1

Trust: 0.1

title:Red Hat: Moderate: nss and nspr security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203280 - Security Advisory

Trust: 0.1

title:IBM: Security Bulletin: A security vulnerabilitiy has been fixed in IBM Security Identity Manager Virtual Appliance(CVE-2019-17006)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=a91447c5697ecfb6bbab6f4cf67cb949

Trust: 0.1

title:Red Hat: Moderate: nss and nspr security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204076 - Security Advisory

Trust: 0.1

title:Debian Security Advisories: DSA-4726-1 nss -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=2610caa3eacc40f97585be7c579718bd

Trust: 0.1

title:Red Hat: Low: OpenShift Virtualization 2.4.2 Imagesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204201 - Security Advisory

Trust: 0.1

title:IBM: Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=52844442ae85845bde006e7f0170408e

Trust: 0.1

title:Red Hat: Moderate: security update - Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204255 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204254 - Security Advisory

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=409c1cd1b8ef401020956950fd839000

Trust: 0.1

title:Red Hat: Low: OpenShift Container Platform 4.3.40 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204264 - Security Advisory

Trust: 0.1

title:zoturl:https://github.com/anuvu/zot

Trust: 0.1

sources: VULMON: CVE-2019-17006 // CNNVD: CNNVD-201912-1134

EXTERNAL IDS

db:NVDid:CVE-2019-17006

Trust: 2.5

db:SIEMENSid:SSA-379803

Trust: 1.7

db:ICS CERTid:ICSA-21-040-04

Trust: 1.7

db:PACKETSTORMid:159661

Trust: 0.7

db:PACKETSTORMid:162026

Trust: 0.7

db:PACKETSTORMid:162142

Trust: 0.7

db:PACKETSTORMid:162130

Trust: 0.7

db:PACKETSTORMid:159553

Trust: 0.7

db:PACKETSTORMid:161916

Trust: 0.7

db:PACKETSTORMid:158724

Trust: 0.7

db:AUSCERTid:ESB-2021.0491

Trust: 0.6

db:AUSCERTid:ESB-2020.3355

Trust: 0.6

db:AUSCERTid:ESB-2020.3535

Trust: 0.6

db:AUSCERTid:ESB-2021.2604

Trust: 0.6

db:AUSCERTid:ESB-2020.2650

Trust: 0.6

db:AUSCERTid:ESB-2020.0072

Trust: 0.6

db:AUSCERTid:ESB-2021.0933

Trust: 0.6

db:AUSCERTid:ESB-2020.3461

Trust: 0.6

db:AUSCERTid:ESB-2021.1193

Trust: 0.6

db:AUSCERTid:ESB-2020.0053

Trust: 0.6

db:AUSCERTid:ESB-2021.0834

Trust: 0.6

db:AUSCERTid:ESB-2020.2446

Trust: 0.6

db:AUSCERTid:ESB-2021.0986

Trust: 0.6

db:AUSCERTid:ESB-2020.0136

Trust: 0.6

db:AUSCERTid:ESB-2020.0001

Trust: 0.6

db:AUSCERTid:ESB-2020.3631

Trust: 0.6

db:AUSCERTid:ESB-2021.1091

Trust: 0.6

db:AUSCERTid:ESB-2021.1207

Trust: 0.6

db:PACKETSTORMid:159396

Trust: 0.6

db:PACKETSTORMid:161706

Trust: 0.6

db:PACKETSTORMid:159497

Trust: 0.6

db:PACKETSTORMid:161842

Trust: 0.6

db:PACKETSTORMid:155889

Trust: 0.6

db:CS-HELPid:SB2021071301

Trust: 0.6

db:CS-HELPid:SB2021043017

Trust: 0.6

db:CNNVDid:CNNVD-201912-1134

Trust: 0.6

db:VULMONid:CVE-2019-17006

Trust: 0.1

db:PACKETSTORMid:168879

Trust: 0.1

sources: VULMON: CVE-2019-17006 // PACKETSTORM: 159661 // PACKETSTORM: 162026 // PACKETSTORM: 162142 // PACKETSTORM: 162130 // PACKETSTORM: 159553 // PACKETSTORM: 161916 // PACKETSTORM: 158724 // PACKETSTORM: 168879 // CNNVD: CNNVD-201912-1134 // NVD: CVE-2019-17006

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04

Trust: 2.3

url:https://developer.mozilla.org/en-us/docs/mozilla/projects/nss/nss_3.46_release_notes

Trust: 1.7

url:https://bugzilla.mozilla.org/show_bug.cgi?id=1539788

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20210129-0001/

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-17006

Trust: 1.4

url:https://access.redhat.com/security/cve/cve-2019-17006

Trust: 1.3

url:https://usn.ubuntu.com/4231-1/

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-17023

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-11756

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2019-11756

Trust: 0.7

url:https://bugzilla.redhat.com/):

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2019-17023

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-12403

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-12402

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193395-1.html

Trust: 0.6

url:https://www.debian.org/lts/security/2020/dla-2058

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2020/suse-su-20200088-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3535/

Trust: 0.6

url:https://packetstormsecurity.com/files/155889/ubuntu-security-notice-usn-4231-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/159396/red-hat-security-advisory-2020-4076-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0072/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0136/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1207

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0834

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0933

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerabilitiy-has-been-fixed-in-ibm-security-identity-manager-virtual-appliancecve-2019-17006/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-a-security-vulnerability-cve-2019-17006-cve-2019-17023-cve-2020-12403/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-nss-and-nspr-cve-2019-17006/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3355/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1091

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1193

Trust: 0.6

url:https://packetstormsecurity.com/files/159497/red-hat-security-advisory-2020-4201-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/159553/red-hat-security-advisory-2020-4255-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-security-vulnerabilities-7/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0986

Trust: 0.6

url:https://vigilance.fr/vulnerability/mozilla-nss-buffer-overflow-via-cryptographic-primitives-31248

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0053/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021071301

Trust: 0.6

url:https://packetstormsecurity.com/files/158724/red-hat-security-advisory-2020-3280-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2650/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0001/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2604

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0491

Trust: 0.6

url:https://packetstormsecurity.com/files/161706/red-hat-security-advisory-2021-0758-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2446/

Trust: 0.6

url:https://packetstormsecurity.com/files/159661/red-hat-security-advisory-2020-4264-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021043017

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-a-security-vulnerability-cve-2019-17006-cve-2019-17023-cve-2020-12403-2/

Trust: 0.6

url:https://packetstormsecurity.com/files/161916/red-hat-security-advisory-2021-0949-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162142/red-hat-security-advisory-2021-1079-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/161842/red-hat-security-advisory-2021-0876-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3461/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3631/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-multiple-mozilla-firefox-vulnerabilities/

Trust: 0.6

url:https://packetstormsecurity.com/files/162026/red-hat-security-advisory-2021-1026-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162130/red-hat-security-advisory-2021-1129-01.html

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-12749

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-6829

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-12243

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-17498

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-12749

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-19956

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-5094

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-12400

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-11727

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-11719

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-5188

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-12401

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-11719

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-20388

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-5094

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-11727

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-5188

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-17498

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-12402

Trust: 0.5

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-12403

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-12243

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-12400

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-19126

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-12652

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-14973

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-17546

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-14973

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2017-12652

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-17546

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-19126

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-1971

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12401

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8177

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20907

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5482

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-16935

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-12450

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20386

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14822

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14822

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-16935

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-5482

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-12450

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20386

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9283

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-5313

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/345.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111311

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4264

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-2974

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11068

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2226

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2780

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2974

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2752

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2574

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14352

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2225

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12825

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-18190

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8696

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2181

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2182

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.3/updating/updating-cluster

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8675

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-18190

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2224

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11068

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2812

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1026

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1079

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15999

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20228

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3156

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3447

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-5313

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20191

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20180

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15999

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14422

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20178

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14422

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25211

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1129

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12723

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25645

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25656

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28374

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25705

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.10/html-single/installing_3scale/index

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29661

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20265

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19532

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12723

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-7053

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19532

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1240

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18874

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4255

Trust: 0.1

url:https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18874

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14365

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0949

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-8177

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.4/cli_reference/openshift_developer_cli/installing-odo.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-7595

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-6829

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:3280

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12399

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://security-tracker.debian.org/tracker/nss

Trust: 0.1

sources: VULMON: CVE-2019-17006 // PACKETSTORM: 159661 // PACKETSTORM: 162026 // PACKETSTORM: 162142 // PACKETSTORM: 162130 // PACKETSTORM: 159553 // PACKETSTORM: 161916 // PACKETSTORM: 158724 // PACKETSTORM: 168879 // CNNVD: CNNVD-201912-1134 // NVD: CVE-2019-17006

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 159661 // PACKETSTORM: 162026 // PACKETSTORM: 162142 // PACKETSTORM: 162130 // PACKETSTORM: 159553 // PACKETSTORM: 161916 // PACKETSTORM: 158724

SOURCES

db:VULMONid:CVE-2019-17006
db:PACKETSTORMid:159661
db:PACKETSTORMid:162026
db:PACKETSTORMid:162142
db:PACKETSTORMid:162130
db:PACKETSTORMid:159553
db:PACKETSTORMid:161916
db:PACKETSTORMid:158724
db:PACKETSTORMid:168879
db:CNNVDid:CNNVD-201912-1134
db:NVDid:CVE-2019-17006

LAST UPDATE DATE

2024-11-21T22:19:58.428000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2019-17006date:2021-02-19T00:00:00
db:CNNVDid:CNNVD-201912-1134date:2021-08-04T00:00:00
db:NVDid:CVE-2019-17006date:2021-07-21T11:39:23.747

SOURCES RELEASE DATE

db:VULMONid:CVE-2019-17006date:2020-10-22T00:00:00
db:PACKETSTORMid:159661date:2020-10-21T15:40:32
db:PACKETSTORMid:162026date:2021-03-30T14:29:43
db:PACKETSTORMid:162142date:2021-04-09T15:06:13
db:PACKETSTORMid:162130date:2021-04-08T14:00:00
db:PACKETSTORMid:159553date:2020-10-14T16:52:18
db:PACKETSTORMid:161916date:2021-03-22T15:36:55
db:PACKETSTORMid:158724date:2020-08-03T17:14:53
db:PACKETSTORMid:168879date:2020-07-28T19:12:00
db:CNNVDid:CNNVD-201912-1134date:2019-12-26T00:00:00
db:NVDid:CVE-2019-17006date:2020-10-22T21:15:12.560