Vulnerability Detection Pipeline

Upcoming and New QIDs

Browse, filter by detection status, or search by CVE to get visibility into upcoming and new detections (QIDs) for all severities.

Detection Status

Under investigation: We are researching a detection and will publish one if it is feasible.
In development: We are coding a detection and will typically publish it within a few days.
Recently published: We have published the detection on the date indicated, and it will typically be available in the KnowledgeBase on shared platforms within a day.

Non-Qualys customers can audit their network for all published vulnerabilities by signing up for a Qualys Free Trial or Qualys Community Edition.

172 results

CVE-2021-3177+
Python Buffer Overflow/Web Cache Poisoning Vulnerability
Severity
Urgent5
In Development
Qualys ID
375537
Vendor Reference
CVE-2021-23336, CVE-2021-3177
CVE Reference
CVE-2021-3177, CVE-2021-23336
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Python is an interpreted, high-level and general-purpose programming language.
CVE-2021-3177 : A vulnerability in Python 3 may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
Affected Versions:
Python Versions 3.X up to 3.6.12
Python Versions 3.7.0 up to 3.7.9
Python Versions 3.8.0 up to 3.8.7
Python Versions 3.9.0 up to 3.9.1
CVE-2021-23336 : A vulnerability in python may lead to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. Affected Versions:
Python Versions 0.X up to 3.6.12
Python Versions 3.7.0 up to 3.7.9
Python Versions 3.8.0 up to 3.8.7
Python Versions 3.9.0 up to 3.9.1
QID Detection Logic(Authenticated):
Detects the installed python version either from py.exe or patchlevel.h file.
Consequence
Successful exploitation of these vulnerability may allow an attacker to execute arbitrary command on the target system.
Solution
Vendor has release fix to this issue.
Refer to issue trackerCVE-2021-3177 to address this vulnerability and obtain further details.
Patches
CVE-2021-23336, CVE-2021-3177
CVE-2021-0473+
Google Android May 2021 Security Patch Missing for LGE
Severity
Urgent5
In Development
Qualys ID
610341
Vendor Reference
SMR-May-2021
CVE Reference
CVE-2021-0473, CVE-2021-0474, CVE-2021-0475, CVE-2020-25705, CVE-2020-11246, CVE-2020-11234, CVE-2020-15436, CVE-2020-29368, CVE-2020-11251, CVE-2020-11236, CVE-2020-11247, CVE-2020-11237, CVE-2020-11191, CVE-2020-11255, CVE-2020-11243, CVE-2021-0445, CVE-2021-0428, CVE-2021-0472, CVE-2021-0485, CVE-2021-0487, CVE-2021-0482, CVE-2021-0484, CVE-2021-0476, CVE-2021-0477, CVE-2021-0481, CVE-2021-0466, CVE-2021-0480, CVE-2021-0375, CVE-2021-0387, CVE-2021-0369, CVE-2021-0382, CVE-2021-0368, CVE-2021-0374, CVE-2021-0378, CVE-2021-0379, CVE-2021-0384, CVE-2021-0370, CVE-2021-0372, CVE-2021-0377, CVE-2021-0380, CVE-2021-0383, CVE-2021-0386, CVE-2021-0388, CVE-2021-0371
CVSS Scores
Base 9.1 / Temporal 7.9
Description
Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.
Following security issues were discovered:
CVE-2021-0473, CVE-2021-0474, CVE-2021-0475,CVE-2020-25705, CVE-2020-11246, CVE-2020-11234, CVE-2020-15436, CVE-2020-29368, CVE-2020-11251, CVE-2020-11236, CVE-2020-11247, CVE-2020-11237, CVE-2020-11191, CVE-2020-11255, CVE-2020-11243, CVE-2021-0445, CVE-2021-0428, CVE-2021-0472, CVE-2021-0485, CVE-2021-0487, CVE-2021-0482, CVE-2021-0484, CVE-2021-0476, CVE-2021-0477, CVE-2021-0481, CVE-2021-0466, CVE-2021-0480,CVE-2021-0375, CVE-2021-0387, CVE-2021-0369, CVE-2021-0382, CVE-2021-0368, CVE-2021-0374, CVE-2021-0378, CVE-2021-0379, CVE-2021-0384, CVE-2021-0370, CVE-2021-0372, CVE-2021-0377, CVE-2021-0380, CVE-2021-0383, CVE-2021-0386, CVE-2021-0388, CVE-2021-0371
Affected Products :
G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to LGE Security advisory SMR-May-2021 to address this issue and obtain more information.
Patches
Android SMR-May-2021
CVE-2021-0473+
Google Android May 2021 Security Patch Missing for Samsung
Severity
Urgent5
In Development
Qualys ID
610340
Vendor Reference
SMR-May-2021
CVE Reference
CVE-2021-0473, CVE-2021-0474, CVE-2021-0475, CVE-2020-11210, CVE-2020-15436, CVE-2020-25705, CVE-2021-0468, CVE-2020-11234, CVE-2020-11191, CVE-2020-11236, CVE-2020-11237, CVE-2020-11242, CVE-2020-11243, CVE-2020-11245, CVE-2020-11246, CVE-2020-11247, CVE-2020-11251, CVE-2020-11252, CVE-2020-11255, CVE-2021-0445, CVE-2021-0428, CVE-2021-0472, CVE-2021-0485, CVE-2021-0487, CVE-2021-0482, CVE-2021-0484, CVE-2021-0476, CVE-2021-0477, CVE-2021-0481, CVE-2021-0466, CVE-2021-0480
CVSS Scores
Base 9.1 / Temporal 7.9
Description
Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.
Following security issues were discovered:
CVE-2021-0473 , CVE-2021-0474 , CVE-2021-0475 , CVE-2020-11210,CVE-2020-15436 , CVE-2020-25705 , CVE-2021-0468 , CVE-2020-11234 , CVE-2020-11191 , CVE-2020-11236 , CVE-2020-11237 , CVE-2020-11242 , CVE-2020-11243 , CVE-2020-11245 , CVE-2020-11246 , CVE-2020-11247 , CVE-2020-11251 , CVE-2020-11252 , CVE-2020-11255 , CVE-2021-0445 , CVE-2021-0428 , CVE-2021-0472 , CVE-2021-0485 , CVE-2021-0487 , CVE-2021-0482 , CVE-2021-0484 , CVE-2021-0476 , CVE-2021-0477 , CVE-2021-0481 , CVE-2021-0466 , CVE-2021-0480
Affected Products :
G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to Samsung Security advisory SMR-May-2021 to address this issue and obtain more information.
Patches
Android SMR-May-2021
CVE-2020-0000
Re-Use
Severity
Urgent5
Under Investigation
Qualys ID
610339
Vendor Reference
May 2021
CVE Reference
CVE-2020-0000
CVSS Scores
Base / Temporal
Description
Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.
Following security issues were discovered:
CVE-2020-0000
Affected Devices :
HUAWEI P series: P30 Pro, P30, P20 Pro, P20
HUAWEI Mate series: Mate 20 X, Mate 20 Pro, Mate 20, Mate 20 RS, Mate 10 Pro, Mate 10, PORSCHE DESIGN HUAWEI Mate RS
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to HUAWEI Security advisory May 2021 to address this issue and obtain more information.
Patches
Android May 2021
CVE-2020-11295+
Google Pixel Android May 2021 Security Patch Missing
Severity
Urgent5
In Development
Qualys ID
610337
Vendor Reference
Pixel Update Bulletin May2021
CVE Reference
CVE-2020-11295, CVE-2020-11294, CVE-2020-11293, CVE-2020-11254, CVE-2020-25656, CVE-2020-27825, CVE-2020-27786
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.
Following security issues were discovered:
CVE-2020-11295,CVE-2020-11294,CVE-2020-11293,CVE-2020-11254,CVE-2020-25656,CVE-2020-27825,CVE-2020-27786
Affected Products :
Pixel 4 XL, Pixel 4, Pixel 3a XL, Pixel 3a, Pixel 3 XL, Pixel 3, Pixel 2 XL, Pixel 2
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to Google Pixel advisory Google Pixel Android May2021 to address this issue and obtain more information.
Patches
Android May 2021
CVE-2021-25215
Red Hat Update for bind (RHSA-2021:1469)
Severity
Critical4
In Development
Qualys ID
239269
Vendor Reference
RHSA-2021:1469
CVE Reference
CVE-2021-25215
CVSS Scores
Base / Temporal
Description
The Berkeley Internet Name Domain (BIND)
is an implementation of the Domain Name System (DNS)
protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es): bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)
Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1469 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1469
CVE-2021-25215
Red Hat Update for bind (RHSA-2021:1477)
Severity
Critical4
In Development
Qualys ID
239268
Vendor Reference
RHSA-2021:1477
CVE Reference
CVE-2021-25215
CVSS Scores
Base / Temporal
Description
The Berkeley Internet Name Domain (BIND)
is an implementation of the Domain Name System (DNS)
protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es): bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1477 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1477
CVE-2021-25215
Red Hat Update for bind (RHSA-2021:1478)
Severity
Critical4
In Development
Qualys ID
239267
Vendor Reference
RHSA-2021:1478
CVE Reference
CVE-2021-25215
CVSS Scores
Base / Temporal
Description
The Berkeley Internet Name Domain (BIND)
is an implementation of the Domain Name System (DNS)
protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es): bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1478 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1478
CVE-2020-28935+
Ubuntu Security Notification for Unbound vulnerabilities (USN-4938-1)
Severity
Critical4
In Development
Qualys ID
198356
Vendor Reference
USN-4938-1
CVE Reference
CVE-2020-28935, CVE-2019-25041, CVE-2019-25036, CVE-2019-25039, CVE-2019-25042, CVE-2019-25034, CVE-2019-25032, CVE-2019-25035, CVE-2019-25038, CVE-2019-25040, CVE-2019-25033, CVE-2019-25037, CVE-2019-25031
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Unbound contained multiple security issues
Consequence
A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files
Solution
Refer to Ubuntu advisory: USN-4938-1 for affected packages and patching details, or update with your package manager.
Patches
Ubuntu Linux USN-4938-1
CVE-2020-9492
Apache Hadoop Privilege Escalation Vulnerability
Severity
Critical4
In Development
Qualys ID
375540
Vendor Reference
CVE-2020-9492
CVE Reference
CVE-2020-9492
CVSS Scores
Base 8.8 / Temporal 7.7
Description
Apache Hadoop is an open-source software framework used for distributed storage and processing of big data sets using the MapReduce programming model.
CVE-2017-3161: ebHDFS client might send SPNEGO authorization header to remote URL without proper verification. A crafty user can trigger services to send server credentials to a webhdfs path for capturing the service principal.
Affected Versions:
Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, 2.0.0-alpha to 2.10.0
QID Detection Logic:
This QID matches the versions of vulnerable Apache Hadoop installations by launching a Hadoop version request.
Consequence
Successful exploitation could allows privilege escalation.
Solution
Customers are advised to upgrade to Apache Hadoop 3.3.0, 3.2.2, 3.1.4, 2.10.1 or later versions to remediate these vulnerabilities.
Workaround:
Set different http signature secrets and use dedicated hosts for each privileged impersonation service (such as HiveServer2).
Patches
Apache Hadoop
CVE-2019-10208+
Red Hat Update for postgresql (RHSA-2021:1512)
Severity
Critical4
In Development
Qualys ID
239266
Vendor Reference
RHSA-2021:1512
CVE Reference
CVE-2019-10208, CVE-2020-25694, CVE-2020-25695
CVSS Scores
Base 8.8 / Temporal 7.7
Description
PostgreSQL is an advanced object-relational database management system (DBMS).
Security Fix(es): postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695) postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208)
Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1512 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1512
CVE-2020-25678+
Red Hat Update for Red Hat Ceph Storage (RHSA-2021:1452)
Severity
Critical4
In Development
Qualys ID
239270
Vendor Reference
RHSA-2021:1452
CVE Reference
CVE-2020-25678, CVE-2021-3139
CVSS Scores
Base 8.1 / Temporal 7.1
Description
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage.Perf Tools is a collection of performance analysis tools, including a high performance multi-threaded malloc()
implementation that works particularly well with threads and STL, a thread-friendly heap-checker, a heap profiler, and a cpu-profiler.The tcmu-runner packages provide a service that handles the complexity of the LIO kernel target's userspace passthrough interface (TCMU). It presents a C plugin API for extension modules that handle SCSI requests in ways not possible or suitable to be handled by LIO's in-kernel backstores.
Security Fix(es): tcmu-runner: SCSI target (LIO)
write to any block on ILO backstore (CVE-2021-3139) ceph: mgr modules' passwords are in clear text in mgr logs (CVE-2020-25678)
Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Ceph Storage MON 4 for RHEL 8 x86_64
Red Hat Ceph Storage MON 4 for RHEL 7 x86_64
Red Hat Ceph Storage OSD 4 for RHEL 8 x86_64
Red Hat Ceph Storage OSD 4 for RHEL 7 x86_64
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Ceph Storage for Power 4 for RHEL 8 ppc64le
Red Hat Ceph Storage for Power 4 for RHEL 7 ppc64le
Red Hat Ceph Storage MON for Power 4 for RHEL 8 ppc64le
Red Hat Ceph Storage MON for Power 4 for RHEL 7 ppc64le
Red Hat Ceph Storage OSD for Power 4 for RHEL 8 ppc64le
Red Hat Ceph Storage OSD for Power 4 for RHEL 7 ppc64le
Red Hat Ceph Storage for IBM z Systems 4 s390x
Red Hat Ceph Storage MON for IBM z Systems 4 s390x
Red Hat Ceph Storage OSD for IBM z Systems 4 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1452 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1452
CVE-2021-0497+
Google Android Devices May 2021 Security Patch Missing
Severity
Critical4
In Development
Qualys ID
610338
Vendor Reference
Android Security Bulletin May2021
CVE Reference
CVE-2021-0497, CVE-2021-0496, CVE-2021-0495, CVE-2021-28664, CVE-2021-28663, CVE-2021-0492, CVE-2021-0491, CVE-2021-0490, CVE-2021-1906, CVE-2021-0498, CVE-2021-0494, CVE-2021-0493, CVE-2021-0324, CVE-2021-0475, CVE-2021-0474, CVE-2021-0477, CVE-2021-0476, CVE-2021-0473, CVE-2021-0472, CVE-2021-1910, CVE-2021-0480, CVE-2021-0481, CVE-2021-0482, CVE-2021-0484, CVE-2021-0485, CVE-2021-0487, CVE-2020-29661, CVE-2021-0489, CVE-2020-11288, CVE-2020-11284, CVE-2020-11285, CVE-2021-1915, CVE-2021-1905, CVE-2020-11279, CVE-2021-1891, CVE-2020-11289, CVE-2021-0466, CVE-2021-0467, CVE-2020-11273, CVE-2020-11274, CVE-2021-1927, CVE-2019-2219
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.
Following security issues were discovered:
CVE-2021-0497,CVE-2021-0496,CVE-2021-0495,CVE-2021-28664,CVE-2021-28663,CVE-2021-0492,CVE-2021-0491,CVE-2021-0490,CVE-2021-1906,CVE-2021-0498,CVE-2021-0494,CVE-2021-0493,CVE-2021-0324,CVE-2021-0475,CVE-2021-0474,CVE-2021-0477,CVE-2021-0476,CVE-2021-0473,CVE-2021-0472,CVE-2021-1910,CVE-2021-0480,CVE-2021-0481,CVE-2021-0482,CVE-2021-0484,CVE-2021-0485,CVE-2021-0487,CVE-2020-29661,CVE-2021-0489,CVE-2020-11288,CVE-2020-11284,CVE-2020-11285,CVE-2021-1915,CVE-2021-1905,CVE-2020-11279,CVE-2021-1891,CVE-2020-11289,CVE-2021-0466,CVE-2021-0467,CVE-2020-11273,CVE-2020-11274,CVE-2021-1927,CVE-2019-2219
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to Google advisory Google Android May2021 to address this issue and obtain more information.
Patches
Android May 2021
CVE-2021-21551
Dell Client Platform Security Update for Insufficient Access Control Vulnerability (DSA-2021-088)
Severity
Critical4
Under Investigation
Qualys ID
375541
Vendor Reference
DSA-2021-088
CVE Reference
CVE-2021-21551
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Dell Client Platform is affected by an Insufficient Access Control Vulnerability in the Dell dbutil Driver. The vulnerability exists in the dbutil_2_3.sys driver which is installed on Dell Windows machines.
Affected Products
The vulnerable driver dbutil_2_3.sys was delivered to impacted systems in two ways: 1 via affected firmware update utility packages, and 2 via Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags
Consequence
Successful exploitation of the vulnerability will allow escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
Solution
Customers are advised to refer to advisory DSA-2021-088 and apply the required patched to remediate the vulnerability.
Workaround:
Manually remove the dbutil_2_3.sys driver, following locations need to checks for the presence of the file
- C:\Users\username\AppData\Local\Temp
- C:\Windows\Temp

Patches
DSA-2021-088
CVE-2020-11669+
Red Hat Update for kernel-alt (RHSA-2021:1379)
Severity
Critical4
In Development
Qualys ID
239271
Vendor Reference
RHSA-2021:1379
CVE Reference
CVE-2020-11669, CVE-2021-3347, CVE-2021-27364, CVE-2021-27365
CVSS Scores
Base 7.8 / Temporal 6.8
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es): kernel: Use after free via PI futex state (CVE-2021-3347) kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) kernel: powerpc: guest can cause DoS on POWER9 KVM hosts (CVE-2020-11669)
Affected Products:

Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1379 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1379
CVE-2017-17458
EulerOS Security Update for mercurial (EulerOS-SA-2021-1816)
Severity
Urgent5
In Development
Qualys ID
670260
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1816
CVE Reference
CVE-2017-17458
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for mercurial to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1816
Patches
EulerOS-SA-2021-1816
CVE-2018-11805+
EulerOS Security Update for spamassassin (EulerOS-SA-2021-1851)
Severity
Urgent5
In Development
Qualys ID
670224
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1851
CVE Reference
CVE-2018-11805, CVE-2020-1946
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for spamassassin to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1851
Patches
EulerOS-SA-2021-1851
CVE-2020-13936
EulerOS Security Update for velocity (EulerOS-SA-2021-1858)
Severity
Urgent5
In Development
Qualys ID
670217
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1858
CVE Reference
CVE-2020-13936
CVSS Scores
Base 8.8 / Temporal 7.7
Description
Euler has released a security update for velocity to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1858
Patches
EulerOS-SA-2021-1858
CVE-2018-10876+
EulerOS Security Update for kernel (EulerOS-SA-2021-1808)
Severity
Urgent5
In Development
Qualys ID
670269
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1808
CVE Reference
CVE-2018-10876, CVE-2020-25656, CVE-2020-27777, CVE-2017-13305, CVE-2021-20261, CVE-2019-12614, CVE-2018-13093, CVE-2019-11815, CVE-2021-27363, CVE-2021-27365, CVE-2021-27364, CVE-2018-16276, CVE-2018-14734, CVE-2020-0427, CVE-2020-0466, CVE-2017-18216, CVE-2019-19319, CVE-2017-7482, CVE-2020-0404, CVE-2020-0465, CVE-2018-10902, CVE-2018-10877, CVE-2018-10880, CVE-2018-9383, CVE-2020-25669, CVE-2020-36158, CVE-2021-3178, CVE-2019-6974, CVE-2019-7221, CVE-2020-27815, CVE-2020-35519, CVE-2021-28972, CVE-2018-7492, CVE-2019-11486, CVE-2016-3857, CVE-2017-17741, CVE-2014-7841, CVE-2016-8660, CVE-2018-10322
CVSS Scores
Base 8.1 / Temporal 7.1
Description
Euler has released a security update for kernel to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1808
Patches
EulerOS-SA-2021-1808
CVE-2015-8868
EulerOS Security Update for compat-poppler022 (EulerOS-SA-2021-1772)
Severity
Urgent5
In Development
Qualys ID
670304
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1772
CVE Reference
CVE-2015-8868
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Euler has released a security update for compat-poppler022 to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1772
Patches
EulerOS-SA-2021-1772
CVE-2019-2201
EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2021-1810)
Severity
Urgent5
In Development
Qualys ID
670267
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1810
CVE Reference
CVE-2019-2201
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Euler has released a security update for libjpeg-turbo to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1810
Patches
EulerOS-SA-2021-1810
CVE-2018-11531+
EulerOS Security Update for exiv2 (EulerOS-SA-2021-1782)
Severity
Critical4
In Development
Qualys ID
670294
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1782
CVE Reference
CVE-2018-11531, CVE-2019-17402, CVE-2018-10999, CVE-2018-16336
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for exiv2 to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1782
Patches
EulerOS-SA-2021-1782
CVE-2019-14809
EulerOS Security Update for golang (EulerOS-SA-2021-1792)
Severity
Critical4
In Development
Qualys ID
670284
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1792
CVE Reference
CVE-2019-14809
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for golang to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1792
Patches
EulerOS-SA-2021-1792
CVE-2020-12658
EulerOS Security Update for gssproxy (EulerOS-SA-2021-1795)
Severity
Critical4
In Development
Qualys ID
670281
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1795
CVE Reference
CVE-2020-12658
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for gssproxy to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1795
Patches
EulerOS-SA-2021-1795
CVE-2021-20176+
EulerOS Security Update for ImageMagick (EulerOS-SA-2021-1802)
Severity
Critical4
In Development
Qualys ID
670275
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1802
CVE Reference
CVE-2021-20176, CVE-2019-15140, CVE-2019-16710, CVE-2019-16709, CVE-2019-16708, CVE-2019-16711, CVE-2019-16713, CVE-2017-9501, CVE-2019-19948, CVE-2019-19949, CVE-2019-14981, CVE-2017-13768, CVE-2019-11472, CVE-2019-15139, CVE-2017-11533
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for ImageMagick to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1802
Patches
EulerOS-SA-2021-1802
CVE-2020-0182+
EulerOS Security Update for libexif (EulerOS-SA-2021-1809)
Severity
Critical4
In Development
Qualys ID
670268
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1809
CVE Reference
CVE-2020-0182, CVE-2020-0452
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for libexif to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1809
Patches
EulerOS-SA-2021-1809
CVE-2020-35524+
EulerOS Security Update for libtiff (EulerOS-SA-2021-1813)
Severity
Critical4
In Development
Qualys ID
670263
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1813
CVE Reference
CVE-2020-35524, CVE-2020-35523, CVE-2017-9404, CVE-2017-9117, CVE-2017-5563
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for libtiff to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1813
Patches
EulerOS-SA-2021-1813
CVE-2018-11574
EulerOS Security Update for ppp (EulerOS-SA-2021-1834)
Severity
Critical4
In Development
Qualys ID
670242
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1834
CVE Reference
CVE-2018-11574
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for ppp to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1834
Patches
EulerOS-SA-2021-1834
CVE-2021-3177+
EulerOS Security Update for python (EulerOS-SA-2021-1835)
Severity
Critical4
In Development
Qualys ID
670241
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1835
CVE Reference
CVE-2021-3177, CVE-2021-23336
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for python to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1835
Patches
EulerOS-SA-2021-1835
CVE-2021-26937
EulerOS Security Update for screen (EulerOS-SA-2021-1848)
Severity
Critical4
In Development
Qualys ID
670227
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1848
CVE Reference
CVE-2021-26937
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for screen to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1848
Patches
EulerOS-SA-2021-1848
CVE-2019-18679+
EulerOS Security Update for squid (EulerOS-SA-2021-1852)
Severity
Critical4
In Development
Qualys ID
670223
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1852
CVE Reference
CVE-2019-18679, CVE-2019-18677, CVE-2019-18676, CVE-2020-14058, CVE-2019-12526, CVE-2019-12523, CVE-2020-25097
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for squid to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1852
Patches
EulerOS-SA-2021-1852
CVE-2021-27135
EulerOS Security Update for xterm (EulerOS-SA-2021-1864)
Severity
Critical4
In Development
Qualys ID
670211
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1864
CVE Reference
CVE-2021-27135
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for xterm to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1864
Patches
EulerOS-SA-2021-1864
CVE-2020-14372+
EulerOS Security Update for grub2 (EulerOS-SA-2021-1794)
Severity
Critical4
In Development
Qualys ID
670282
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1794
CVE Reference
CVE-2020-14372, CVE-2020-25647, CVE-2021-20233, CVE-2020-27779, CVE-2021-20225, CVE-2020-25632
CVSS Scores
Base 8.2 / Temporal 7.1
Description
Euler has released a security update for grub2 to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1794
Patches
EulerOS-SA-2021-1794
CVE-2018-7418+
EulerOS Security Update for wireshark (EulerOS-SA-2021-1859)
Severity
Critical4
In Development
Qualys ID
670216
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1859
CVE Reference
CVE-2018-7418, CVE-2019-10903, CVE-2019-10894, CVE-2019-10901, CVE-2019-10895, CVE-2019-10899, CVE-2018-5336, CVE-2018-14340, CVE-2018-14368, CVE-2018-14341, CVE-2018-16057, CVE-2018-19622, CVE-2018-11362
CVSS Scores
Base 7.5 / Temporal 6.5
Description
Euler has released a security update for wireshark to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1859
Patches
EulerOS-SA-2021-1859
CVE-2017-10988
EulerOS Security Update for freeradius (EulerOS-SA-2021-1784)
Severity
Critical4
In Development
Qualys ID
670292
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1784
CVE Reference
CVE-2017-10988
CVSS Scores
Base 7.3 / Temporal 6.4
Description
Euler has released a security update for freeradius to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1784
Patches
EulerOS-SA-2021-1784
CVE-2021-20277
EulerOS Security Update for libldb (EulerOS-SA-2021-1811)
Severity
Critical4
In Development
Qualys ID
670266
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1811
CVE Reference
CVE-2021-20277
CVSS Scores
Base 7.3 / Temporal 6.4
Description
Euler has released a security update for libldb to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1811
Patches
EulerOS-SA-2021-1811
CVE-2021-3472
EulerOS Security Update for xorg-x11-server (EulerOS-SA-2021-1863)
Severity
Critical4
In Development
Qualys ID
670212
Date Published
May 7, 2021
Vendor Reference
EulerOS-SA-2021-1863
CVE Reference
CVE-2021-3472
CVSS Scores
Base 7.3 / Temporal 6.4
Description
Euler has released a security update for xorg-x11-server to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP3
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1863
Patches
EulerOS-SA-2021-1863
—
EOL/Obsolete Software: Puppet Server Prior to 6.15.x Detected
Severity
Urgent5
In Development
Qualys ID
650046
Vendor Reference
Puppet Lifecycle
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting.
Puppet Server 5.x (PE 2018.1.Z) end of life date of January 31, 2021.
Puppet server 6.x (2019.8) before 6.15 are not supported
Affected Versions:
Puppet Server version before 6.15
QID Detection Logic:(Unauthenticated)
This QID sends a crafted GET request to check the vulnerable version of puppet server .
Consequence
The system is at high risk of being exposed to security vulnerabilities. Because the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.
Solution
Upgrade to the latest version of Puppet Server. Please refer to Puppet Server and Product Support Lifecycle
CVE-2020-28007+
Debian Security Update for exim4 (DLA 2650-1)(21Nails)
Severity
Urgent5
Recently Published
Qualys ID
178577
Date Published
May 6, 2021
Vendor Reference
DLA 2650-1
CVE Reference
CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28017, CVE-2020-28019, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Debian has released security update for exim4 to fix the vulnerabilities.
Consequence
Successful exploitation allows an attacker to compromise the system.
Solution
Refer to Debian LTS Announce DLA 2650-1 to address this issue and obtain further details.
Patches
Debian DLA 2650-1
CVE-2021-23010
F5 BIG-IP ASM WebSocket vulnerability(K18570111)
Severity
Critical4
In Development
Qualys ID
375530
Vendor Reference
K18570111
CVE Reference
CVE-2021-23010
CVSS Scores
Base 9.8 / Temporal 8.5
Description
F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
CVE-2021-23010: When the BIG-IP ASM system processes WebSocket requests with JSON payloads using the default JSON content profile in the ASM security policy, the BIG-IP ASM bd process may produce a core file.
Vulnerable Component: BIG-IP ASM
Affected Versions:
16.0.0 - 16.0.1
15.1.0 - 15.1.1
14.1.0 - 14.1.3
13.1.0 - 13.1.3
12.1.0 - 12.1.5
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Consequence
When this vulnerability is exploited, the BIG-IP ASM bd process may produce a core file, interrupt traffic processing, and cause a failover event.

Solution
The vendor has released any patch, for more information please visit: K18570111
Patches
K18570111
CVE-2021-1871+
SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1499-1)
Severity
Critical4
Recently Published
Qualys ID
174986
Date Published
May 6, 2021
Vendor Reference
SUSE-SU-2021:1499-1
CVE Reference
CVE-2021-1871, CVE-2021-1789, CVE-2021-1765, CVE-2020-27918, CVE-2021-1788, CVE-2021-1801, CVE-2021-1870, CVE-2021-1844, CVE-2020-29623, CVE-2021-1799
CVSS Scores
Base 9.8 / Temporal 8.5
Description
This update for webkit2gtk3 fixes the following issues:

- Update to version 2.32.0 (bsc#1184155):
* Fix the authentication request port when URL omits the port.
* Fix iframe scrolling when main frame is scrolled in async
* scrolling mode.
* Stop using g_memdup.
* Show a warning message when overriding signal handler for
* threading suspension.
* Fix the build on RISC-V with GCC 11.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871
- Update in version 2.30.6 (bsc#1184262):
* Update user agent quirks again for Google Docs and Google Drive.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765
CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870.
- Update _constraints for armv6/armv7 (bsc#1182719)
- restore NPAPI plugin support which was removed in 2.32.0
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1499-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1499-1
CVE-2021-25214+
SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1469-1)
Severity
Critical4
Recently Published
Qualys ID
174977
Date Published
May 6, 2021
Vendor Reference
SUSE-SU-2021:1469-1
CVE Reference
CVE-2021-25214, CVE-2021-25215, CVE-2021-25216
CVSS Scores
Base 8.1 / Temporal 7.1
Description
This update for bind fixes the following issues:

- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR)
which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while
answering queries for DNAME records that required the DNAME to be
processed to resolve itself (bsc#1185345).
- CVE-2021-25216: Fixed an issue where policy negotiation can be targeted
by a buffer overflow attack (bsc#1185345).
- MD5 warning message using host, dig, nslookup (bind-utils) with FIPS
enabled (bsc#1181495).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1469-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1469-1
CVE-2021-20270
SUSE Enterprise Linux Security Update for python-Pygments (SUSE-SU-2021:1500-1)
Severity
Critical4
In Development
Qualys ID
174980
Vendor Reference
SUSE-SU-2021:1500-1
CVE Reference
CVE-2021-20270
CVSS Scores
Base 7.5 / Temporal 6.5
Description
This update for python-Pygments fixes the following issues:

- CVE-2021-20270: Fixed an infinite loop in SML lexer which may lead to
DoS (bsc#1183169)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1500-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1500-1
CVE-2021-25214+
SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1468-1)
Severity
Critical4
Recently Published
Qualys ID
174979
Date Published
May 6, 2021
Vendor Reference
SUSE-SU-2021:1468-1
CVE Reference
CVE-2021-25214, CVE-2021-25215
CVSS Scores
Base 7.5 / Temporal 6.5
Description
This update for bind fixes the following issues:

- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR)
which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while
answering queries for DNAME records that required the DNAME to be
processed to resolve itself (bsc#1185345).
- MD5 warning message using host, dig, nslookup (bind-utils) on SLES 12
SP5 with FIPS enabled (bsc#1181495).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1468-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1468-1
CVE-2021-25214+
SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1471-1)
Severity
Critical4
In Development
Qualys ID
174978
Vendor Reference
SUSE-SU-2021:1471-1
CVE Reference
CVE-2021-25214, CVE-2021-25215
CVSS Scores
Base 7.5 / Temporal 6.5
Description
This update for bind fixes the following issues:

- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR)
which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while
answering queries for DNAME records that required the DNAME to be
processed to resolve itself (bsc#1185345).
- make /usr/bin/delv in bind-tools position independent (bsc#1183453).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1471-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1471-1
CVE-2021-20288
SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1474-1)
Severity
Critical4
In Development
Qualys ID
174976
Vendor Reference
SUSE-SU-2021:1474-1
CVE Reference
CVE-2021-20288
CVSS Scores
Base 7.2 / Temporal 6.3
Description
This update for ceph fixes the following issues:

- ceph was updated to 15.2.11-83-g8a15f484c2:
* CVE-2021-20288: Fixed unauthorized global_id reuse (bsc#1183074).
* disk gets replaced with no rocksdb/wal (bsc#1184231).
* BlueStore handles huge(>4GB) writes from RocksDB to BlueFS poorly,
potentially causing data corruption (bsc#1183899).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1474-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1474-1
CVE-2020-25678+
SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1473-1)
Severity
Critical4
Recently Published
Qualys ID
174975
Date Published
May 6, 2021
Vendor Reference
SUSE-SU-2021:1473-1
CVE Reference
CVE-2020-25678, CVE-2021-20288, CVE-2020-27839
CVSS Scores
Base 7.2 / Temporal 6.3
Description
This update for ceph fixes the following issues:

- ceph was updated to 14.2.20-402-g6aa76c6815:
* CVE-2021-20288: Fixed unauthorized global_id reuse (bsc#1183074).
* CVE-2020-25678: Do not add sensitive information in Ceph log files
(bsc#1178905).
* CVE-2020-27839: Use secure cookies to store JWT Token (bsc#1179997).
* mgr/dashboard: prometheus alerting: add some leeway for package
drops and errors (bsc#1145463)
* mon: have 'mon stat' output json as well (bsc#1174466)
* rpm: ceph-mgr-dashboard recommends python3-saml on SUSE (bsc#1177200)
* mgr/dashboard: Display a warning message in Dashboard when debug
mode is enabled (bsc#1178235)
* rgw: cls/user: set from_index for reset stats calls (bsc#1178837)
* mgr/dashboard: Disable TLS 1.0 and 1.1 (bsc#1178860)
* bluestore: provide a different name for fallback allocator
(bsc#1180118)
* test/run-cli-tests: use cram from github (bsc#1181378)
* mgr/dashboard: fix "Python2 Cookie module import fails on Python3"
(bsc#1183487)
* common: make ms_bind_msgr2 default to 'false' (bsc#1180594)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1473-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1473-1
CVE-2021-20254+
SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1498-1)
Severity
Critical4
Recently Published
Qualys ID
174982
Date Published
May 6, 2021
Vendor Reference
SUSE-SU-2021:1498-1
CVE Reference
CVE-2021-20254, CVE-2021-20277, CVE-2020-27840
CVSS Scores
Base 6.7 / Temporal 5.8
Description
This update for samba fixes the following issues:

- CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold
(bsc#1183574).
- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
(bsc#1184677).
- CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad
DNs (bsc#1183572).
- Avoid free'ing our own pointer in memcache when memcache_trim attempts
to reduce cache size (bsc#1179156).
- s3-libads: use dns name to open a ldap session (bsc#1184310).
- Adjust smbcacls '--propagate-inheritance' feature to align with upstream
(bsc#1178469).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1498-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1498-1
CVE-2021-20254
SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1492-1)
Severity
Critical4
Recently Published
Qualys ID
174981
Date Published
May 6, 2021
Vendor Reference
SUSE-SU-2021:1492-1
CVE Reference
CVE-2021-20254
CVSS Scores
Base 6.7 / Temporal 5.8
Description
This update for samba fixes the following issues:

- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
(bsc#1184677).
- Avoid free'ing our own pointer in memcache when memcache_trim attempts
to reduce cache size (bsc#1179156).
- Adjust smbcacls '--propagate-inheritance' feature to align with upstream
(bsc#1178469).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1492-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1492-1
—
SUSE Enterprise Linux Security Update for permissions (SUSE-SU-2021:1466-1)
Severity
Critical4
In Development
Qualys ID
174974
Vendor Reference
SUSE-SU-2021:1466-1
CVSS Scores
Base 5.6 / Temporal 4.9
Description
This update for permissions fixes the following issues:

- etc/permissions: remove unnecessary entries (bsc#1182899)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1466-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1466-1
CVE-2021-3479+
SUSE Enterprise Linux Security Update for openexr (SUSE-SU-2021:1489-1)
Severity
Critical4
In Development
Qualys ID
174984
Vendor Reference
SUSE-SU-2021:1489-1
CVE Reference
CVE-2021-3479, CVE-2021-26260, CVE-2021-3477, CVE-2021-20296, CVE-2021-23215
CVSS Scores
Base 5.5 / Temporal 4.8
Description
This update for openexr fixes the following issues:

- CVE-2021-23215: Fixed an integer-overflow in
Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185216).
- CVE-2021-26260: Fixed an Integer-overflow in
Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185217).
- CVE-2021-20296: Fixed a Null Pointer dereference in
Imf_2_5:hufUncompress (bsc#1184355).
- CVE-2021-3477: Fixed a Heap-buffer-overflow in
Imf_2_5::DeepTiledInputFile::readPixelSampleCounts (bsc#1184353).
- CVE-2021-3479: Fixed an Out-of-memory caused by allocation of a very
large buffer (bsc#1184354).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1489-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1489-1
CVE-2020-0543
SUSE Enterprise Linux Security Update for sca-patterns-sle11 (SUSE-SU-2021:1497-1)
Severity
Critical4
In Development
Qualys ID
174983
Vendor Reference
SUSE-SU-2021:1497-1
CVE Reference
CVE-2020-0543
CVSS Scores
Base 5.5 / Temporal 4.8
Description
This update for sca-patterns-sle11 fixes the following issues:

- New regular patterns (1) for version 1.3.1
* Special Register Buffer Data Sampling aka CrossTalk (CVE-2020-0543)
(bsc#1154824)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1497-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1497-1
CVE-2020-4682
IBM MQ Remote Code Execution Vulnerability(6408626)
Severity
Urgent5
In Development
Qualys ID
375523
Vendor Reference
6408626
CVE Reference
CVE-2020-4682
CVSS Scores
Base 9.8 / Temporal 8.5
Description
The IBM MQ Appliance is a hardware product that provides IBM MQ ready installed and ready to use.
An issue was found within the IBM MQ Java and JMS client libraries that could allow an attacker to execute a remote code execution attack.
Affected Versions:
IBM MQ 9.2.0
IBM MQ 9.1.0
IBM MQ 9.0.0
IBM MQ 8.0.0
IBM MQ 7.5.0
Operating System: Windows
It checks for vulnerable IBM MQ/WebSphere MQ versions.
Operating System: Linux
The QID executes /opt/mqm/bin/dspmqver -v | grep -A3 '^Name' to see if the system is running a vulnerable version of IBM MQ or not.
Consequence
Successful exploitation of this vulnerability could allow an attacker to execute a remote code execution attack.
Solution
The vendor has released a fix to resolve the issue, please refer to 6408626 for more information.
Patches
6408626
CVE-2021-25215
ISC BIND Assertion Failure Vulnerability
Severity
Critical4
In Development
Qualys ID
15126
Vendor Reference
BIND CVE-2021-25215
CVE Reference
CVE-2021-25215
CVSS Scores
Base 9.8 / Temporal 8.5
Description
ISC BIND (Berkley Internet Domain Name) is an implementation of DNS protocols.
Affected software:
BIND 9.0.0 -> 9.11.29
BIND 9.12.0 -> 9.16.13
BIND 9.9.3-S1 -> 9.11.29-S1
BIND 9.16.8-S1 -> 9.16.13-S1
BIND 9.17.0 -> 9.17.11
Patched Versions:
BIND 9.11.31
BIND 9.16.15
BIND 9.17.12
BIND 9.11.31-S1
BIND 9.16.15-S1
QID Detection Logic:
This unauthenticated check detects vulnerable systems by fetching the version information from the BIND service.

Consequence
Successfully exploitation could affects integrity, availability, confidentiality
Solution
Customers are advised to upgrade to the patched version 9.11.31, 9.16.15, 9.17.12, 9.11.31-S1, 9.16.15-S1 or latest release of ISC BIND.
Patches
BIND CVE-2021-25215
CVE-2021-25216
ISC BIND Buffer Overflow Vulnerability
Severity
Critical4
In Development
Qualys ID
15124
Vendor Reference
BIND CVE-2021-25216
CVE Reference
CVE-2021-25216
CVSS Scores
Base 9.8 / Temporal 8.5
Description
ISC BIND (Berkley Internet Domain Name) is an implementation of DNS protocols.
CVE-2021-25216: A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack. Affected software:
BIND 9.5.0 -> 9.11.29
BIND 9.12.0 -> 9.16.13
BIND 9.11.3-S1 -> 9.11.29-S1
BIND 9.16.8-S1 -> 9.16.13-S1
BIND 9.17.0 -> 9.17.1
Patched Versions:
BIND 9.11.31
BIND 9.16.15
BIND 9.11.31-S1
BIND 9.16.15-S1
QID Detection Logic:
This unauthenticated check detects vulnerable systems by fetching the version information from the BIND service.

Consequence
Successfully exploitation could affects integrity, availability, confidentiality
Solution
Customers are advised to upgrade to the patched version 9.11.31, 9.16.15, 9.11.31-S1, 9.16.15-S1 or latest release of ISC BIND.Workaround:
This vulnerability only affects servers configured to use GSS-TSIG, most often to sign dynamic updates. If another mechanism can be used to authenticate updates, the vulnerability can be avoided by choosing not to enable the use of GSS-TSIG features. Prior to the April 2021 BIND releases, on some platforms it was possible to build a working BIND installation that was not vulnerable to CVE-2021-25216 by providing the --disable-isc-spnego command-line argument when running the ./configure script in the top level of the BIND source directory, before compiling and linking named. After the April 2021 BIND releases, all supported branches have removed isc-spnego support. This corrects CVE-2021-25216, but requires that the system have other libraries and header files to support GSS-TSIG functionality, unless such functionality is completely disabled at build time by providing the --without-gssapi argument to the ./configurescript when selecting build options.
Patches
BIND CVE-2021-25216
CVE-2021-29468
Cygwin Git Package Remote Code Execution
Severity
Critical4
Recently Published
Qualys ID
375525
Date Published
May 6, 2021
Vendor Reference
CVE-2021-29468
CVE Reference
CVE-2021-29468
CVSS Scores
Base 8.8 / Temporal 7.7
Description
Cygwin is a Linux-style operating environment for Microsoft Windows.
Cywin git package is affected to execute arbitrary code as soon as the repository is checked out.
Affected Versions:
Cygwin git package version prior to 2.31.1-2
QID Detection Logic (authenticated):
The QID flags if it finds a vulnerable version of the git package in installed file. The location of the file is determined by the key "HKLM\SOFTWARE\Cygwin\setup", value "rootdir". The file is present in the <rootdir>\etc\setup folder.
Consequence
Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code as soon as the repository is checked out.

Solution
Upgrade to Cygwin git package to version 2.31.1-2 or later. For more information, please refer to the vendor advisory for affected Cygwin
Patches
Windows Cygwin Git
CVE-2021-20230
SUSE Enterprise Linux Security Update for stunnel (SUSE-SU-2021:1465-1)
Severity
Critical4
In Development
Qualys ID
174973
Vendor Reference
SUSE-SU-2021:1465-1
CVE Reference
CVE-2021-20230
CVSS Scores
Base 7.5 / Temporal 6.5
Description
This update for stunnel fixes the following issues:

- Security fix: [bsc#1177580, bsc#1182529, CVE-2021-20230]
* "redirect" option does not properly handle "verifyChain = yes"
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1465-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1465-1
CVE-2021-22206+
GitLab Multiple Security Vulnerabilities(gitlab- 13-11-2, 13-10-4, 13-9-7)
Severity
Critical4
Recently Published
Qualys ID
375522
Date Published
May 6, 2021
Vendor Reference
Gitlab
CVE Reference
CVE-2021-22206, CVE-2021-22208, CVE-2021-22209, CVE-2021-22210, CVE-2021-22211
CVSS Scores
Base 9.4 / Temporal 8.2
Description
GitLab, the software, is a web-based Git repository manager with wiki and issue tracking features.
All versions starting with 13.8: Read API scoped tokens can execute mutations
All versions starting with 11.6: Pull mirror credentials were exposed
All versions starting with 13.2: Denial of Service when querying repository branches API
All versions prior to 13.5: Non-owners can set system_note_timestamp when creating / updating issues
All versions starting from 13.7: DeployToken will impersonate a User with the same ID when using Dependency Proxy
Affected Versions:
All version starting with 13.8
All versions starting with 11.6
All versions starting with 13.2
All versions prior to 13.5
All versions of Gitlab EE/CE starting with 13.7
QID Detection Logic:(Authenticated)
It fires gitlab-rake gitlab:env:info command to check vulnerable version of GitLab.
Consequence
Successful exploitation of these vulnerabilities allow sensitive data leak or DOS.
Solution
The vendor has released patch, For more information please visit gitlab-13-11-2
Patches
GitLab Security Release
CVE-2020-15078
OpenVpn 2.5.1 and earlier Authentication Bypass (excluding 2.4.11)
Severity
Critical4
Recently Published
Qualys ID
375518
Date Published
May 6, 2021
Vendor Reference
OpenVpn
CVE Reference
CVE-2020-15078
CVSS Scores
Base 9.8 / Temporal 8.5
Description
OpenVPN is an OpenSSL based tunneling application to securely tunnel IP networks over the TCP and UDP protocols.
Vulnerability allows a remote attackers to bypass authentication.
Affected Versions:
OpenVPN 2.5.1 and earlier (except 2.4.11)
Consequence
Successful exploitation of this vulnerability allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
Solution
Users are advised to upgrade to the latest version of the software available. Latest version of the software can be downloaded from OpenVPN
Patches
Windows OpenVpn
CVE-2021-23358
Ubuntu Security Notification for Underscore vulnerability (USN-4913-2)
Severity
Critical4
Recently Published
Qualys ID
198346
Date Published
May 6, 2021
Vendor Reference
USN-4913-2
CVE Reference
CVE-2021-23358
CVSS Scores
Base 7.2 / Temporal 6.3
Description
Underscore incorrectly handled certain inputs
Consequence
An attacker could possibly use this issue to inject arbitrary code
Solution
Refer to Ubuntu advisory: USN-4913-2 for affected packages and patching details, or update with your package manager.
Patches
Ubuntu Linux USN-4913-2
CVE-2020-25671+
Amazon Linux Security Advisory for kernel: ALAS2-2021-1627
Severity
Critical4
Recently Published
Qualys ID
352274
Date Published
May 6, 2021
Vendor Reference
ALAS-2021-1627
CVE Reference
CVE-2020-25671, CVE-2019-19060, CVE-2019-7308, CVE-2020-25670, CVE-2020-25672, CVE-2020-27171, CVE-2021-28660, CVE-2021-28688, CVE-2021-28964, CVE-2021-28972, CVE-2021-29154, CVE-2021-29265, CVE-2021-29647, CVE-2021-3483
CVSS Scores
Base 7.8 / Temporal 6.8
Description
<DIV ID="issue_overview">
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. (CVE-2019-19060 )
A bypass was found for the Spectre v1 hardening in the eBPF engine of the Linux kernel. The code in the kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. (CVE-2019-7308 )
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. (CVE-2020-25670 )
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. (CVE-2020-25671 )
A memory leak vulnerability was found in Linux kernel in llcp_sock_connect. (CVE-2020-25672 )
A flaw was found in the Linux kernels eBPF verification code. By default accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A flaw that triggers Integer underflow when restricting speculative pointer arithmetic allows unprivileged local users to leak the content of kernel memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2020-27171 )
A flaw was found in the Linux kernel. The rtw_wx_set_scan driver allows writing beyond the end of the ->ssid[] array. The highest threat from this vulnerability is to data confidentiality and integrity as well system availability. (CVE-2021-28660 )
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11. (CVE-2021-28688)
A race condition flaw was found in get_old_root in fs/btrfs/ctree.c in the Linux kernel in btrfs file-system. This flaw allows a local attacker with a special user privilege to cause a denial of service due to not locking an extent buffer before a cloning operation. The highest threat from this vulnerability is to system availability. (CVE-2021-28964 )
A flaw in the Linux kernels implementation of the RPA PCI Hotplug driver for power-pc. A user with permissions to write to the sysfs settings for this driver can trigger a buffer overflow when writing a new device name to the driver from userspace, overwriting data in the kernel's stack. (CVE-2021-28972 )
A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF ve</DIV>
Consequence
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS-2021-1627 for affected packages and patching details, or update with your package manager.
Patches
Amazon Linux 2 ALAS-2021-1627
CVE-2018-14670
ClickHouse Incorrect Configuration Vulnerability
Severity
Critical4
Recently Published
Qualys ID
375498
Date Published
May 6, 2021
Vendor Reference
ClickHouse 1.1.54131
CVE Reference
CVE-2018-14670
CVSS Scores
Base 9.8 / Temporal 8.5
Description
ClickHouse is an open-source column-oriented DBMS for online analytical processing.
ClickHouse is vulnerable to multiple vulnerabilities
Affected Versions:
Prior to ClickHouse version 1.1.54131
QID Detection Logic:
This QID uses command clickhouse-client to get the version from the linux system

Consequence
Incorrect configuration in deb package could lead to the unauthorized use of the database.
Solution
Please refer to advisory clickhouse release 1.1.54131
Patches
ClickHouse Release 1.1.54131
CVE-2020-35189
Kong Docker Image Weak Authentication Vulnerability
Severity
Urgent5
Recently Published
Qualys ID
730047
Date Published
May 6, 2021
Vendor Reference
Kong Docker
CVE Reference
CVE-2020-35189
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Kong is a scalable, open source API Platform (also known as an API Gateway or API Middleware).
Affected Versions:
Kong docker images before 1.0.2-alpine (Alpine specific)
QID Detection Logic:
This QID checks for the vulnerable version of Kong Docker.

Consequence
System using the kong docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
Solution
Upgrade to the Kong docker 1.0.2 or to the latest version of Kong docker. Please refer to Kong docker Website.
Patches
Kong Docker
CVE-2021-30666+
Apple iOS 12.5.3 Security Update Missing (HT212341)
Severity
Urgent5
Recently Published
Qualys ID
610336
Date Published
May 5, 2021
Vendor Reference
HT212341
CVE Reference
CVE-2021-30666, CVE-2021-30665, CVE-2021-30663, CVE-2021-30661
CVSS Scores
Base / Temporal
Description
iOS is a mobile operating system created and developed by Apple Inc.
Following security issues are observed :
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30666
A memory corruption issue was addressed with improved state management. CVE-2021-30665
An integer overflow was addressed with improved input validation. CVE-2021-30663
A use after free issue was addressed with improved memory management. CVE-2021-30661
Affected Devices
iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to Apple advisory HT212341 for patching details.
Patches
iOS HT212341
CVE-2021-30665+
Apple iOS 14.5.1 and iPadOS 14.5.1 Security Update Missing (HT212336)
Severity
Urgent5
Recently Published
Qualys ID
610335
Date Published
May 5, 2021
Vendor Reference
HT212336
CVE Reference
CVE-2021-30665, CVE-2021-30663
CVSS Scores
Base / Temporal
Description
iOS is a mobile operating system created and developed by Apple Inc.
Following security issues are observed :
A memory corruption issue was addressed with improved state management. CVE-2021-30665
An integer overflow was addressed with improved input validation. CVE-2021-30663
Affected Devices
iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to Apple advisory HT212336 for patching details.
Patches
iOS HT212336
CVE-2020-28007+
Ubuntu Security Notification for Exim4 Vulnerabilities (USN-4934-1) (21Nails)
Severity
Urgent5
Recently Published
Qualys ID
198350
Date Published
May 5, 2021
Vendor Reference
USN-4934-1
CVE Reference
CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28016, CVE-2020-28017, CVE-2020-28018, CVE-2020-28019, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026, CVE-2021-27216
CVSS Scores
Base 9.8 / Temporal 7.8
Description
It was discovered that Exim contained multiple security issues.
Consequence
An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges.
Solution
Refer to Ubuntu advisory USN-4934-1 for affected packages and patching details, or update with your package manager.
Patches
18.04 (bionic) on src exim4-base USN-4934-1, 18.04 (bionic) on src exim4-daemon-heavy USN-4934-1, 18.04 (bionic) on src exim4-daemon-light USN-4934-1, 20.04 (focal) on src exim4-base USN-4934-1, 20.04 (focal) on src exim4-daemon-heavy USN-4934-1, 20.04 (focal) on src exim4-daemon-light USN-4934-1, 20.10 (groovy) on src exim4-base USN-4934-1, 20.10 (groovy) on src exim4-daemon-heavy USN-4934-1, 20.10 (groovy) on src exim4-daemon-light USN-4934-1, 21.04 (hirsute) on src exim4-base USN-4934-1, 21.04 (hirsute) on src exim4-daemon-heavy USN-4934-1, 21.04 (hirsute) on src exim4-daemon-light USN-4934-1
CVE-2020-28007+
Debian Security Update for exim4 (DSA 4912-1) (21Nails)
Severity
Urgent5
Recently Published
Qualys ID
178576
Date Published
May 5, 2021
Vendor Reference
DSA 4912-1
CVE Reference
CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28017, CVE-2020-28019, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026
CVSS Scores
Base 8.8 / Temporal 7.7
Description
Debian has released security update for exim4 to fix the vulnerabilities.
Consequence
Successful exploitation allows an attacker to compromise the system.
Solution
Refer to Debian security advisory DSA 4912-1 to address this issue and obtain further details.
Patches
Debian DSA 4912-1
CVE-2020-13942
Apache Unomi Remote Code Execution Vulnerability
Severity
Critical4
Recently Published
Qualys ID
730069
Date Published
May 5, 2021
Vendor Reference
CVE-2020-13942
CVE Reference
CVE-2020-13942
CVSS Scores
Base 9.8 / Temporal 8.8
Description
Apache Unomi is a REST server that manages user-profiles and events related to the profiles.
Apache Unomi allowed remote attackers to send malicious requests with MVEL and OGNL expressions that could contain arbitrary classes, resulting in Remote Code Execution (RCE) with the privileges of the Unomi application.

Affected Versions:
This vulnerability affects all versions of Apache Unomi prior to 1.5.2
QID Detection Logic (Authenticated):
This QID sends HTTP POST payloads to URL "/context.json".
Consequence
Successful exploitation of this issue may allow an attacker to execute code.
Solution
Refer to CVE-2020-13942: Remote Code Execution in Apache Unomi for more information about patching this vulnerability.
Patches
CVE-2020-13942
CVE-2021-21227+
Microsoft Edge Based On Chromium Prior to 90.0.818.51 Multiple Vulnerabilities
Severity
Critical4
Recently Published
Qualys ID
375526
Date Published
May 5, 2021
Vendor Reference
CVE-2021-21227, CVE-2021-21228, CVE-2021-21229, CVE-2021-21230, CVE-2021-21231, CVE-2021-21232, CVE-2021-21233
CVE Reference
CVE-2021-21227, CVE-2021-21228, CVE-2021-21229, CVE-2021-21230, CVE-2021-21231, CVE-2021-21232, CVE-2021-21233
CVSS Scores
Base 8.8 / Temporal 7.7
Description
Microsoft Edge is a cross-platform web browser developed by Microsoft.
Microsoft Edge based on Chromium is affected by the following vulnerabilities:
CVE-2021-21227: Insufficient data validation in V8.
CVE-2021-21228: Insufficient policy enforcement in extensions.
CVE-2021-21229: Incorrect security UI in downloads.
CVE-2021-21230: Type Confusion in V8.
CVE-2021-21231: Insufficient data validation in V8.
CVE-2021-21232: Use after free in Dev Tools.
CVE-2021-21233: Heap buffer overflow in ANGLE.
QID Detection Logic: (authenticated)
Operating System: Windows
The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.
Consequence
Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary code on target system.
Solution
Customers are advised to upgrade to version
For further details refer to 90.0.818.51 or later
Patches
CVE-2021-21227
CVE-2020-13558+
Gentoo Linux WebkitGTK+ Multiple Vulnerabilities (GLSA 202104-03)
Severity
Critical4
Recently Published
Qualys ID
710013
Date Published
May 5, 2021
Vendor Reference
GLSA 202104-03
CVE Reference
CVE-2020-13558, CVE-2020-27918, CVE-2020-29623, CVE-2020-9947, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Gentoo Linux is a Linux distribution
Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code.
Affected Package: - net-libs/webkit-gtk
Affected version: Prior to 2.30.6
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
The Vendor has released security update to fix the vulnerability. For more information please visit 202104-03
Patches
202104-03
CVE-2018-16875+
SUSE Enterprise Linux Security Update for containerd, docker, runc (SUSE-SU-2021:1458-1)
Severity
Critical4
In Development
Qualys ID
174971
Vendor Reference
SUSE-SU-2021:1458-1
CVE Reference
CVE-2018-16875, CVE-2021-21285, CVE-2021-21334, CVE-2019-16884, CVE-2019-5736, CVE-2021-21284, CVE-2018-16873, CVE-2018-16874, CVE-2019-19921
CVSS Scores
Base 8.6 / Temporal 7.5
Description
This update for containerd, docker, runc fixes the following issues:

- Docker was updated to 20.10.6-ce
* Switch version to use -ce suffix rather than _ce to avoid confusing
other tools (bsc#1182476).
* CVE-2021-21284: Fixed a potential privilege escalation when the root
user in the remapped namespace has access to the host filesystem
(bsc#1181732)
* CVE-2021-21285: Fixed an issue where pulling a malformed Docker image
manifest crashes the dockerd daemon (bsc#1181730).

- runc was updated to v1.0.0~rc93 (bsc#1182451 and bsc#1184962).
* Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821).
* Fixed /dev/null is not available (bsc#1168481).
* Fixed an issue where podman hangs when spawned by salt-minion process
(bsc#1149954).
* CVE-2019-19921: Fixed a race condition with shared mounts
(bsc#1160452).
* CVE-2019-16884: Fixed an LSM bypass via malicious Docker image that
mount
over a /proc directory (bsc#1152308).
* CVE-2019-5736: Fixed potential write attacks to the host runc binary
(bsc#1121967).
* Fixed an issue where after a kernel-update docker doesn't run
(bsc#1131314 bsc#1131553)
* Ensure that we always include the version information in runc
(bsc#1053532).

- Switch to Go 1.13 for build.
* CVE-2018-16873: Fixed a potential remote code execution (bsc#1118897).
* CVE-2018-16874: Fixed a directory traversal in "go get" via curly
braces in import paths (bsc#1118898).
* CVE-2018-16875: Fixed a CPU denial of service (bsc#1118899).
* Fixed an issue with building containers (bsc#1095817).

- containerd was updated to v1.4.4
* CVE-2021-21334: Fixed a potential information leak through environment
variables (bsc#1183397).
* Handle a requirement from docker (bsc#1181594).
* Install the containerd-shim* binaries and stop creating (bsc#1183024).
* update version to the one required by docker (bsc#1034053)

- Use -buildmode=pie for tests and binary build (bsc#1048046, bsc#1051429)
- Cleanup seccomp builds similar (bsc#1028638).
- Update to handle the docker-runc removal, and drop the -kubic flavour
(bsc#1181677, bsc#1181749)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1458-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1458-1
CVE-2020-10713+
Gentoo Linux GRUB Multiple Vulnerabilities (GLSA 202104-05)
Severity
Critical4
Recently Published
Qualys ID
710015
Date Published
May 5, 2021
Vendor Reference
GLSA 202104-05
CVE Reference
CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-14372, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
CVSS Scores
Base 8.2 / Temporal 7.1
Description
Gentoo Linux is a Linux distribution
Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot.
Affected Package: sys-devel/grub
Affected version: Prior to 2.06_rc1
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
The Vendor has released security update to fix the vulnerability. For more information please visit 202104-05
Patches
202104-05
CVE-2021-3472
Gentoo Linux X.Org X Server Privilege Escalation Vulnerability (GLSA 202104-02)
Severity
Critical4
Recently Published
Qualys ID
710012
Date Published
May 5, 2021
Vendor Reference
GLSA 202104-02
CVE Reference
CVE-2021-3472
CVSS Scores
Base 7.3 / Temporal 6.4
Description
Gentoo Linux is a Linux distribution
A vulnerability in X.Org X Server may allow users to escalate privileges.
Affected Package: x11-base/xorg-server
Affected version: Prior to 1.20.11
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
The Vendor has released security update to fix the vulnerability. For more information please visit 202104-02
Patches
202104-02
CVE-2021-25317
SUSE Enterprise Linux Security Update for cups (SUSE-SU-2021:1454-1)
Severity
Critical4
In Development
Qualys ID
174969
Vendor Reference
SUSE-SU-2021:1454-1
CVE Reference
CVE-2021-25317
CVSS Scores
Base 6.7 / Temporal 5.8
Description
This update for cups fixes the following issues:

- CVE-2021-25317: ownership of /var/log/cups could allow privilege
escalation from lp user to root via symlink attacks (bsc#1184161)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1454-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1454-1
CVE-2021-1835+
Apple iOS 14.5 and iPadOS 14.5 Security Update Missing (HT212317)
Severity
Urgent5
Recently Published
Qualys ID
610334
Date Published
May 5, 2021
Vendor Reference
HT212317
CVE Reference
CVE-2021-1835, CVE-2021-1837, CVE-2021-1867, CVE-2021-1849, CVE-2021-1836, CVE-2021-1808, CVE-2021-1857, CVE-2021-1846, CVE-2021-1809, CVE-2021-30659, CVE-2021-1811, CVE-2021-1872, CVE-2021-1881, CVE-2021-1882, CVE-2021-1813, CVE-2021-30656, CVE-2021-1883, CVE-2021-1884, CVE-2021-1885, CVE-2021-30653, CVE-2021-1843, CVE-2021-1858, CVE-2021-1864, CVE-2021-1877, CVE-2021-1852, CVE-2021-1830, CVE-2021-1874, CVE-2021-1851, CVE-2021-1860, CVE-2021-1816, CVE-2021-1832, CVE-2021-30660, CVE-2021-30652, CVE-2021-1875, CVE-2021-1822, CVE-2021-1865, CVE-2021-1815, CVE-2021-1739, CVE-2021-1740, CVE-2021-1807, CVE-2021-1831, CVE-2021-1868, CVE-2021-1854, CVE-2021-1848, CVE-2021-1825, CVE-2021-1817, CVE-2021-1826, CVE-2021-1820, CVE-2021-30661, CVE-2020-7463
CVSS Scores
Base 5.5 / Temporal 4.8
Description
iOS is a mobile operating system created and developed by Apple Inc.
Following security issues are observed :
This issue was addressed with improved checks. CVE-2021-1835
A certificate validation issue was addressed. CVE-2021-1837
An out-of-bounds read was addressed with improved input validation. CVE-2021-1867
An issue in code signature validation was addressed with improved checks. CVE-2021-1849
A logic issue was addressed with improved restrictions. CVE-2021-1836
A memory corruption issue was addressed with improved validation. CVE-2021-1808
A memory initialization issue was addressed with improved memory handling. CVE-2021-1857
An out-of-bounds read was addressed with improved input validation. CVE-2021-1846
A memory corruption issue was addressed with improved validation. CVE-2021-1809
A validation issue was addressed with improved logic. CVE-2021-30659
A logic issue was addressed with improved state management. CVE-2021-1811
A logic issue was addressed with improved state management. CVE-2021-1872
An out-of-bounds read was addressed with improved input validation. CVE-2021-1881
A memory corruption issue was addressed with improved validation. CVE-2021-1882
A validation issue was addressed with improved logic. CVE-2021-1813
An access issue was addressed with improved memory management. CVE-2021-30656
This issue was addressed with improved checks. CVE-2021-1883
A race condition was addressed with improved locking. CVE-2021-1884
An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1885
This issue was addressed with improved checks. CVE-2021-30653
An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1858
A use after free issue was addressed with improved memory management. CVE-2021-1864
An out-of-bounds read was addressed with improved input validation. CVE-2021-1877
A logic issue was addressed with improved state management. CVE-2021-1874
A memory initialization issue was addressed with improved memory handling. CVE-2021-1860
A buffer overflow was addressed with improved bounds checking. CVE-2021-1816
The issue was addressed with improved permissions logic. CVE-2021-1832
An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30660
A race condition was addressed with additional validation. CVE-2021-30652
A double free issue was addressed with improved memory management. CVE-2021-1875
A logic issue was addressed with improved restrictions. CVE-2021-1822
An issue obscuring passwords in screenshots was addressed with improved logic. CVE-2021-1865
A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2021-1815
A validation issue was addressed with improved input sanitization. CVE-2021-1807
The issue was addressed with improved permissions logic. CVE-2021-1831
A logic issue was addressed with improved state management. CVE-2021-1868
A call termination issue with was addressed with improved logic. CVE-2021-1854
The issue was addressed with improved UI handling. CVE-2021-1848
An input validation issue was addressed with improved input validation. CVE-2021-1825
A memory corruption issue was addressed with improved state management. CVE-2021-1817
A logic issue was addressed with improved restrictions. CVE-2021-1826
A memory initialization issue was addressed with improved memory handling. CVE-2021-1820
A use after free issue was addressed with improved memory management. CVE-2021-30661
A use after free issue was addressed with improved memory management. CVE-2020-7463
Affected Devices
iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Refer to Apple advisory HT212317 for patching details.
Patches
iOS HT212317
—
Debian Security Update for python-apt (DLA 2488-2)
Severity
Critical4
Recently Published
Qualys ID
178548
Date Published
May 5, 2021
Vendor Reference
DLA 2488-2
CVSS Scores
Base 4.3 / Temporal 3.8
Description
Debian has released security update for python-apt to fix the vulnerabilities.
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Refer to Debian security advisory DLA 2488-2 for patching details.
Patches
Debian DLA 2488-2
CVE-2021-21344+
CentOS Security Update for xstream (CESA-2021:1354)
Severity
Critical4
Recently Published
Qualys ID
257081
Date Published
May 4, 2021
Vendor Reference
CESA-2021:1354 centos 7
CVE Reference
CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21350
CVSS Scores
Base 9.9 / Temporal 8.6
Description
CentOS has released security update for xstream to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:1354
CVE-2021-27135
CentOS Security Update for xterm (CESA-2021:0617)
Severity
Critical4
Recently Published
Qualys ID
257083
Date Published
May 4, 2021
Vendor Reference
CESA-2021:0617 centos 7
CVE Reference
CVE-2021-27135
CVSS Scores
Base 9.8 / Temporal 8.5
Description
CentOS has released security update for xterm security update to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:0617
CVE-2021-26937
CentOS Security Update for screen (CESA-2021:0742)
Severity
Critical4
Recently Published
Qualys ID
257075
Date Published
May 4, 2021
Vendor Reference
CESA-2021:0742 centos 7
CVE Reference
CVE-2021-26937
CVSS Scores
Base 9.8 / Temporal 8.5
Description
CentOS has released security update for screen security update to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:0742
CVE-2020-25097
CentOS Security Update for squid (CESA-2021:1135)
Severity
Critical4
Recently Published
Qualys ID
257077
Date Published
May 4, 2021
Vendor Reference
CESA-2021:1135 centos 7
CVE Reference
CVE-2020-25097
CVSS Scores
Base 8.6 / Temporal 7.5
Description
CentOS has released security update for squid security update to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:1135
CVE-2021-20305
CentOS Security Update for nettle (CESA-2021:1145)
Severity
Critical4
Recently Published
Qualys ID
257076
Date Published
May 4, 2021
Vendor Reference
CESA-2021:1145 centos 7
CVE Reference
CVE-2021-20305
CVSS Scores
Base 8.1 / Temporal 7.1
Description
CentOS has released security update for nettle security update to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:1145
CVE-2021-20208+
SUSE Enterprise Linux Security Update for cifs-utils (SUSE-SU-2021:1455-1)
Severity
Critical4
Recently Published
Qualys ID
174970
Date Published
May 4, 2021
Vendor Reference
SUSE-SU-2021:1455-1
CVE Reference
CVE-2021-20208, CVE-2020-14342
CVSS Scores
Base 7 / Temporal 6.1
Description
This update for cifs-utils fixes the following security issues:

- CVE-2021-20208: Fixed a potential kerberos auth leak escaping from
container. (bsc#1183239)
- CVE-2020-14342: Fixed a shell command injection vulnerability in
mount.cifs. (bsc#1174477)

This update for cifs-utils fixes the following issues:

- Solve invalid directory mounting. When attempting to change the current
working directory into non-existing directories, mount.cifs crashes.
(bsc#1152930)

- Fixed a bug where it was no longer possible to mount CIFS filesystem
after the last maintenance update. (bsc#1184815)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1455-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1455-1
CVE-2021-25317
SUSE Enterprise Linux Security Update for cups (SUSE-SU-2021:1453-1)
Severity
Critical4
Recently Published
Qualys ID
174968
Date Published
May 4, 2021
Vendor Reference
SUSE-SU-2021:1453-1
CVE Reference
CVE-2021-25317
CVSS Scores
Base 6.7 / Temporal 5.8
Description
This update for cups fixes the following issues:

- CVE-2021-25317: ownership of /var/log/cups could allow privilege
escalation from lp user to root via symlink attacks (bsc#1184161)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1453-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1453-1
CVE-2021-3308+
SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:1460-1)
Severity
Critical4
Recently Published
Qualys ID
174972
Date Published
May 4, 2021
Vendor Reference
SUSE-SU-2021:1460-1
CVE Reference
CVE-2021-3308, CVE-2020-28368, CVE-2021-28687
CVSS Scores
Base 5.5 / Temporal 4.8
Description
This update for xen fixes the following issues:

- CVE-2020-28368: Intel RAPL sidechannel attack aka PLATYPUS attack
(bsc#1178591, XSA-351)
- CVE-2021-3308: IRQ vector leak on x86 (bsc#1181254, XSA-360)
- CVE-2021-28687: HVM soft-reset crashes toolstack (bsc#1183072, XSA-368)
- L3: conring size for XEN HV's with huge memory to small (bsc#1177204).
- kdump of HVM fails, soft-reset not handled by libxl (bsc#1179148)
- openQA job causes libvirtd to dump core when running kdump inside domain
(bsc#1181989).
- Upstream bug fixes (bsc#1027519)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1460-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1460-1
CVE-2021-2163
CentOS Security Update for java-1.8.0-openjdk (CESA-2021:1298)
Severity
Critical4
Recently Published
Qualys ID
257080
Date Published
May 4, 2021
Vendor Reference
CESA-2021:1298 centos 7
CVE Reference
CVE-2021-2163
CVSS Scores
Base 5.3 / Temporal 4.6
Description
CentOS has released security update for java-1.8.0-openjdk to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:1298
CVE-2021-2163
CentOS Security Update for java-11-openjdk (CESA-2021:1297)
Severity
Critical4
Recently Published
Qualys ID
257079
Date Published
May 4, 2021
Vendor Reference
CESA-2021:1297 centos 7
CVE Reference
CVE-2021-2163
CVSS Scores
Base 5.3 / Temporal 4.6
Description
CentOS has released security update for java-11-openjdk to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:1297
CVE-2021-25215
CentOS Security Update for bind (CESA-2021:1469)
Severity
Critical4
Recently Published
Qualys ID
257082
Date Published
May 4, 2021
Vendor Reference
CESA-2021:1469 centos 7
CVE Reference
CVE-2021-25215
CVSS Scores
Base 5 / Temporal 4.4
Description
CentOS has released security update for bind security update to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:1469
CVE-2021-23991+
CentOS Security Update for thunderbird (CESA-2021:1192)
Severity
Critical4
Recently Published
Qualys ID
257078
Date Published
May 4, 2021
Vendor Reference
CESA-2021:1192 centos 7
CVE Reference
CVE-2021-23991, CVE-2021-23992, CVE-2021-23993, CVE-2021-29949, CVE-2021-29950
CVSS Scores
Base 5 / Temporal 4.4
Description
CentOS has released security update for thunderbird to fix the vulnerabilities.
Affected Products:

centos 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
Patches
centos 7 CESA-2021:1192
CVE-2020-28007+
Exim Mail Server Multiple Vulnerabilities (21Nails)(Generic)
Severity
Urgent5
Recently Published
Qualys ID
50110
Date Published
May 4, 2021
Vendor Reference
Exim 21Nails Multiple vulnerabilities
CVE Reference
CVE-2020-28007, CVE-2020-28008, CVE-2020-28014, CVE-2021-27216, CVE-2020-28011, CVE-2020-28010, CVE-2020-28013, CVE-2020-28016, CVE-2020-28015, CVE-2020-28012, CVE-2020-28009, CVE-2020-28017, CVE-2020-28020, CVE-2020-28023, CVE-2020-28021, CVE-2020-28022, CVE-2020-28026, CVE-2020-28019, CVE-2020-28024, CVE-2020-28018, CVE-2020-28025
CVSS Scores
Base 8.8 / Temporal 7.9
Description
Exim is a mail transfer agent (MTA) used on Unix-like operating systems. Exim is free software and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.
Qualys Research Team has discovered 21 vulnerabilities (11 local vulnerabilities and 10 remote vulnerabilities) that affect Exim mail Server. It has been given the name 21Nails. The bugs can be leveraged to elevate privileges to root, execute code remotely among other attacks.
Affected Versions:
Exim versions prior to 4.94.2

QID Detection Logic (Unauthenticated):
The QID checks for the SMTP banner to check for vulnerable versions of exim.
QID Detection Logic (Authenticated):
The QID checks for vulnerable versions of exim by running command "exim --version".
Consequence
Successful exploitation will allow remote code execution, privilege escalation, file deletion etc.
Solution
Customer are advised to update to Exim version 4.94.2 or later.
Patches
Exim downloads
CVE-2021-1765+
SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1430-1)
Severity
Critical4
In Development
Qualys ID
174960
Vendor Reference
SUSE-SU-2021:1430-1
CVE Reference
CVE-2021-1765, CVE-2021-1799, CVE-2021-1871, CVE-2020-29623, CVE-2021-1844, CVE-2021-1801, CVE-2021-1789, CVE-2021-1870, CVE-2021-1788, CVE-2020-27918
CVSS Scores
Base 9.8 / Temporal 8.5
Description
This update for webkit2gtk3 fixes the following issues:

- Update to version 2.32.0 (bsc#1184155):
* Fix the authentication request port when URL omits the port.
* Fix iframe scrolling when main frame is scrolled in async
* scrolling mode.
* Stop using g_memdup.
* Show a warning message when overriding signal handler for
* threading suspension.
* Fix the build on RISC-V with GCC 11.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871
- Update in version 2.30.6 (bsc#1184262):
* Update user agent quirks again for Google Docs and Google Drive.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765
CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870.
- Update _constraints for armv6/armv7 (bsc#1182719)
- restore NPAPI plugin support which was removed in 2.32.0
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1430-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1430-1
CVE-2021-25900
SUSE Enterprise Linux Security Update for librsvg (SUSE-SU-2021:1408-1)
Severity
Critical4
In Development
Qualys ID
174957
Vendor Reference
SUSE-SU-2021:1408-1
CVE Reference
CVE-2021-25900
CVSS Scores
Base 9.8 / Temporal 8.5
Description
This update for librsvg fixes the following issues:

- librsvg was updated to 2.46.5:
* Update dependent crates that had security vulnerabilities: smallvec to
0.6.14 - RUSTSEC-2018-0003 - CVE-2021-25900 (bsc#1183403)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1408-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1408-1
CVE-2021-20305
SUSE Enterprise Linux Security Update for libnettle (SUSE-SU-2021:1412-1)
Severity
Critical4
In Development
Qualys ID
174959
Vendor Reference
SUSE-SU-2021:1412-1
CVE Reference
CVE-2021-20305
CVSS Scores
Base 8.1 / Temporal 7.1
Description
This update for libnettle fixes the following issues:

- CVE-2021-20305: Fixed the multiply function which was being called with
out-of-range scalars (bsc#1184401).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1412-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1412-1
CVE-2021-25297+
Nagios XI 5.7.5 Have Multiple Vulnerabilities
Severity
Critical4
Recently Published
Qualys ID
375516
Date Published
May 4, 2021
Vendor Reference
Nagios XI
CVE Reference
CVE-2021-25297, CVE-2021-25298, CVE-2021-25299
CVSS Scores
Base 8.8 / Temporal 7.9
Description
Nagios Core is a free and open source computer-software application that monitors systems, networks and infrastructure. Nagios offers monitoring and alerting services for servers, switches, applications and services.
CVE-2021-25297-An OS command injection as the apache user through variables passed into the Config Wizard.
CVE-2021-25298-An OS command injection as the apache user through variables passed into the Config Wizard.
CVE-2021-25299-XSS vulnerability in the SSH Terminal page.
Affected version:
Version: 5.7.5
QID Detection Logic:(Authenticated)
It will check for vulnerable version of Nagios Core from version file.
Consequence
Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary OS and files command which may lead to remote code execution.
Solution
The vendor has released the fix. This issue was fixed in version 5.8.0 or above. Please visit here for more information.
Patches
Nagios XI
—
EOL/Obsolete Operating System: Ubuntu 16.04 Detected
Severity
Urgent5
Recently Published
Qualys ID
105977
Date Published
May 3, 2021
Vendor Reference
EMS for Ubuntu 16.04
CVSS Scores
Base 9.8 / Temporal 9
Description
Support for Ubuntu 16.04 ended on April 30th, 2021. Ubuntu Security Notices will no longer include information or updated packages for Ubuntu 16.04

QID Detection Logic:
The QID checks for the vulnerable version of Ubuntu.
Consequence
The system is at high risk of being exposed to security vulnerabilities. Since the vendor will not provide standard support.
Solution
Users are encouraged to evaluate and upgrade to our latest release
Refer to Ubuntu for information on this operating system.
CVE-2021-20305
SUSE Enterprise Linux Security Update for libnettle (SUSE-SU-2021:1399-1)
Severity
Critical4
Recently Published
Qualys ID
174949
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1399-1
CVE Reference
CVE-2021-20305
CVSS Scores
Base 8.1 / Temporal 7.1
Description
This update for libnettle fixes the following issues:

- CVE-2021-20305: Fixed the multiply function which was being called with
out-of-range scalars (bsc#1184401, bsc#1183835).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1399-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1399-1
CVE-2021-28660+
SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (SUSE-SU-2021:1365-1)
Severity
Critical4
In Development
Qualys ID
174955
Vendor Reference
SUSE-SU-2021:1365-1
CVE Reference
CVE-2021-28660, CVE-2021-26930, CVE-2021-28688, CVE-2021-26931, CVE-2021-3444
CVSS Scores
Base 7.8 / Temporal 6.8
Description
This update for the Linux Kernel 4.12.14-197_64 fixes several issues.

The following security issues were fixed:

- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184171).
- CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
(bsc#1183658).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294,
bsc#1183646).
- CVE-2021-26930: Fixed an improper error handling in blkback's grant
mapping (XSA-365 bsc#1182294).
- CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
mapping errors as bugs (XSA-362 bsc#1183022).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1365-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1365-1
CVE-2021-28688+
SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:1373-1)
Severity
Critical4
Recently Published
Qualys ID
174954
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1373-1
CVE Reference
CVE-2021-28688, CVE-2021-26931, CVE-2021-26930
CVSS Scores
Base 7.8 / Temporal 6.8
Description
This update for the Linux Kernel 4.4.180-94_135 fixes one issue.

The following security issues were fixed:

- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294,
bsc#1183646).
- CVE-2021-26930: Fixed an improper error handling in blkback's grant
mapping (XSA-365 bsc#1182294).
- CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
mapping errors as bugs (XSA-362 bsc#1183022).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1373-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1373-1
CVE-2021-28688+
SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) (SUSE-SU-2021:1395-1)
Severity
Critical4
In Development
Qualys ID
174953
Vendor Reference
SUSE-SU-2021:1395-1
CVE Reference
CVE-2021-28688, CVE-2021-3444, CVE-2021-28660
CVSS Scores
Base 7.8 / Temporal 6.8
Description
This update for the Linux Kernel 4.12.14-197_86 fixes several issues.

The following security issues were fixed:

- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184171).
- CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
(bsc#1183658).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294,
bsc#1183646).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1395-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1395-1
CVE-2021-28688+
SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15) (SUSE-SU-2021:1347-1)
Severity
Critical4
In Development
Qualys ID
174952
Vendor Reference
SUSE-SU-2021:1347-1
CVE Reference
CVE-2021-28688, CVE-2021-3444
CVSS Scores
Base 7.8 / Temporal 6.8
Description
This update for the Linux Kernel 4.12.14-150_69 fixes several issues.

The following security issues were fixed:

- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184171).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294,
bsc#1183646).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1347-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1347-1
CVE-2021-28688+
SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 21 for SLE 15) (SUSE-SU-2021:1344-1)
Severity
Critical4
In Development
Qualys ID
174950
Vendor Reference
SUSE-SU-2021:1344-1
CVE Reference
CVE-2021-28688, CVE-2021-26931, CVE-2021-26930, CVE-2021-3444
CVSS Scores
Base 7.8 / Temporal 6.8
Description
This update for the Linux Kernel 4.12.14-150_63 fixes several issues.

The following security issues were fixed:

- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184171).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294,
bsc#1183646).
- CVE-2021-26930: Fixed an improper error handling in blkback's grant
mapping (XSA-365 bsc#1182294).
- CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
mapping errors as bugs (XSA-362 bsc#1183022).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1344-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1344-1
CVE-2021-23995+
SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2021:1433-1)
Severity
Critical4
Recently Published
Qualys ID
174961
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1433-1
CVE Reference
CVE-2021-23995, CVE-2021-23998, CVE-2021-23994, CVE-2021-29945, CVE-2021-29946, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002
CVSS Scores
Base 7.4 / Temporal 6.4
Description
This update for MozillaFirefox fixes the following issues:

- MozillaFirefox was updated to 78.10.0 ESR (bsc#1184960)
* CVE-2021-23994: Out of bound write due to lazy initialization
* CVE-2021-23995: Use-after-free in Responsive Design Mode
* CVE-2021-23998: Secure Lock icon could have been spoofed
* CVE-2021-23961: More internal network hosts could have been probed by
a malicious webpage
* CVE-2021-23999: Blob URLs may have been granted additional privileges
* CVE-2021-24002: Arbitrary FTP command execution on FTP servers using
an encoded URL
* CVE-2021-29945: Incorrect size computation in WebAssembly JIT could
lead to null-reads
* CVE-2021-29946: Port blocking could be bypassed
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1433-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1433-1
CVE-2020-9484+
SUSE Enterprise Linux Security Update for tomcat (SUSE-SU-2021:1431-1)
Severity
Critical4
Recently Published
Qualys ID
174964
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1431-1
CVE Reference
CVE-2020-9484, CVE-2021-25329
CVSS Scores
Base 7 / Temporal 6.1
Description
This update for tomcat fixes the following issues:

- CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1431-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1431-1
CVE-2021-20254
SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1445-1)
Severity
Critical4
Recently Published
Qualys ID
174967
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1445-1
CVE Reference
CVE-2021-20254
CVSS Scores
Base 6.7 / Temporal 5.8
Description
This update for samba fixes the following issues:

- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
(bsc#1184677).
- Avoid free'ing our own pointer in memcache when memcache_trim attempts
to reduce cache size (bsc#1179156).
- Adjust smbcacls '--propagate-inheritance' feature to align with upstream
(bsc#1178469).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1445-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1445-1
CVE-2021-20254+
SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1444-1)
Severity
Critical4
In Development
Qualys ID
174966
Vendor Reference
SUSE-SU-2021:1444-1
CVE Reference
CVE-2021-20254, CVE-2021-20277, CVE-2020-27840
CVSS Scores
Base 6.7 / Temporal 5.8
Description
This update for samba fixes the following issues:

- CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold
(bsc#1183574).
- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
(bsc#1184677).
- CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad
DNs (bsc#1183572).
- Avoid free'ing our own pointer in memcache when memcache_trim attempts
to reduce cache size (bsc#1179156).
- s3-libads: use dns name to open a ldap session (bsc#1184310).
- Adjust smbcacls '--propagate-inheritance' feature to align with upstream
(bsc#1178469).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1444-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1444-1
CVE-2021-20254
SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1438-1)
Severity
Critical4
Recently Published
Qualys ID
174965
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1438-1
CVE Reference
CVE-2021-20254
CVSS Scores
Base 6.7 / Temporal 5.8
Description
This update for samba fixes the following issues:

- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
(bsc#1184677).
- Avoid free'ing our own pointer in memcache when memcache_trim attempts
to reduce cache size (bsc#1179156).
- Adjust smbcacls '--propagate-inheritance' feature to align with upstream
(bsc#1178469).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1438-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1438-1
—
SUSE Enterprise Linux Security Update for permissions (SUSE-SU-2021:1429-1)
Severity
Critical4
Recently Published
Qualys ID
174963
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1429-1
CVSS Scores
Base 5.6 / Temporal 4.9
Description
This update for permissions fixes the following issues:

- Update to version 20170707:
* make btmp root:utmp (bsc#1050467, bsc#1182899)
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1429-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1429-1
—
SUSE Enterprise Linux Security Update for gdm (SUSE-SU-2021:1401-1)
Severity
Critical4
Recently Published
Qualys ID
174948
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1401-1
CVSS Scores
Base 5.6 / Temporal 4.9
Description
This update for gdm fixes the following issues:

- Avoid the signal SIGTRAP when gdm exits (bsc#1184456).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1401-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1401-1
CVE-2019-5736
Oracle Enterprise Linux Security Update for runc (ELSA-2021-9203)
Severity
Urgent5
In Development
Qualys ID
159170
Vendor Reference
ELSA-2021-9203
CVE Reference
CVE-2019-5736
CVSS Scores
Base 8.6 / Temporal 6.9
Description
Oracle Enterprise Linux has released a security update for runc bug to fix the vulnerabilities.
Affected Product:
Oracle Linux 7
Consequence
This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally this vulnerability can also be used to cause a complete denial of service and could render the resource completely unavailable.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

ELSA-2021-9203.
Patches
Oracle Linux ELSA-2021-9203
CVE-2020-27337
HPE Integrated Lights-Out (iLO) Remote Memory Corruption Vulnerability (hpesbhf04106)
Severity
Critical4
Recently Published
Qualys ID
730068
Date Published
May 3, 2021
Vendor Reference
hpesbhf04106
CVE Reference
CVE-2020-27337
CVSS Scores
Base 7.3 / Temporal 6.4
Description
HPE Integrated Lights-Out (iLO) is an embedded server management technology used for out-of-band management. A potential security vulnerability has been identified in Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware.

Affected Versions:
HP Integrated Lights-Out 5 (iLO 4) firmware versions prior to v2.33
HP Integrated Lights-Out 4 (iLO 4) firmware versions prior to v2.77

QID Detection Logic(Unauthenticated):
This QID checks for vulnerable version of HPE Integrated Lights-Out via an HTTP request to "xmldata?item=All" URL.
Consequence
The vulnerability could be remotely exploited to cause memory corruption.
Solution
Customers are advised to visit HPSBHF03275 to remediate this vulnerability.
Patches
hpesbhf04106
CVE-2021-28688
SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (SUSE-SU-2021:1341-1)
Severity
Critical4
Recently Published
Qualys ID
174947
Date Published
May 3, 2021
Vendor Reference
SUSE-SU-2021:1341-1
CVE Reference
CVE-2021-28688
CVSS Scores
Base 6.5 / Temporal 5.7
Description
This update for the Linux Kernel 4.4.180-94_141 fixes one issue.

The following security issue was fixed:

- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294,
bsc#1183646).
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Upgrade to the latest package which contains the patch. To install this SUSE Security, Update use YaST online_update. Alternatively you can run the command listed for your product. To install packages using the command line interface, use command "yum update". Refer to Suse security advisory: SUSE-SU-2021:1341-1 to address this issue and obtain further details.
Patches
SUSE Enterprise Linux SUSE-SU-2021:1341-1
CVE-2021-27928
Oracle Enterprise Linux Security Update for mariadb:10.3 and mariadb-devel:10.3 (ELSA-2021-1242)
Severity
Urgent5
In Development
Qualys ID
159165
Vendor Reference
ELSA-2021-1242
CVE Reference
CVE-2021-27928
CVSS Scores
Base 7.2 / Temporal 5.8
Description
Oracle Enterprise Linux has released a security update for mariadb:10.3 and mariadb-devel:10.3 to fix the vulnerabilities.
Affected Product:
Oracle Linux 8
Consequence
This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally this vulnerability can also be used to cause a complete denial of service and could render the resource completely unavailable.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

ELSA-2021-1242.
Patches
Oracle Linux ELSA-2021-1242
CVE-2021-27928
Oracle Enterprise Linux Security Update for mariadb:10.3 and mariadb-devel:10.3 (ELSA-2021-1242)
Severity
Urgent5
In Development
Qualys ID
159164
Vendor Reference
ELSA-2021-1242
CVE Reference
CVE-2021-27928
CVSS Scores
Base 7.2 / Temporal 5.8
Description
Oracle Enterprise Linux has released a security update for mariadb:10.3 and mariadb-devel:10.3 to fix the vulnerabilities.
Affected Product:
Oracle Linux 8
Consequence
This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally this vulnerability can also be used to cause a complete denial of service and could render the resource completely unavailable.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

ELSA-2021-1242.
Patches
Oracle Linux ELSA-2021-1242
CVE-2020-11669+
Red Hat Update for kernel-alt (RHSA-2021:1379)
Severity
Critical4
In Development
Qualys ID
239253
Vendor Reference
RHSA-2021:1379
CVE Reference
CVE-2020-11669, CVE-2021-3347, CVE-2021-27364, CVE-2021-27365
CVSS Scores
Base 7.8 / Temporal 6.8
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es): kernel: Use after free via PI futex state (CVE-2021-3347) kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) kernel: powerpc: guest can cause DoS on POWER9 KVM hosts (CVE-2020-11669)
Affected Products:

Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1379 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1379
CVE-2020-5931
F5 BIG-IP ASM,LTM,APM TMM Vulnerability (K25400442)
Severity
Critical4
Recently Published
Qualys ID
375514
Date Published
May 3, 2021
Vendor Reference
K25400442
CVE Reference
CVE-2020-5931
CVSS Scores
Base 7.5 / Temporal 6.5
Description
F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
F5 BIG-IP (LTM) Local Traffic Manager is the most popular module offered on F5 Networks BiG-IP platform. The real power of the LTM is it is a Full Proxy, allowing you to augment client and server side connections. All while making informed load balancing decisions on availability, performance, and persistence.
F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.
Vulnerable Component: BIG-IP ASM, APM,LTM
Affected Versions:
15.0.0 - 15.1.0
14.0.0 - 14.1.2
13.1.0 - 13.1.3
12.1.0 - 12.1.5
11.5.2 - 11.6.5
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Consequence
An attacker may be able to perform a denial-of-service (DoS) attack on a BIG-IP system by causing the TMM process to restart.
Solution
The vendor has released any patch, for more information please visit: K25400442
Workaround:
To mitigate this vulnerability, you can remove the OneConnect profile from the affected virtual server.
Patches
K25400442
—
EOL/Obsolete Software: PowerShell 6.x Detected
Severity
Urgent5
Recently Published
Qualys ID
105975
Date Published
May 3, 2021
Vendor Reference
PowerShell End Of Life
CVSS Scores
Base 8.1 / Temporal 7.4
Description
PowerShell is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on Windows, Linux, and macOS.
No further bug fixes, enhancements, security updates or technical support is available for this version.
Affected Versions and EOL:
PowerShell Version 6.0 : February 13,2019
PowerShell Version 6.1 : September 28,2019
PowerShell Version 6.2 : September 4,2020
QID Detection Logic:
Operating System: Windows
The QID checks for vulnerable version of file pwsh,exe
Operating System: Linux
The QID checks for vulnerable version of PowerShell Core by running command "pwsh --version" .

Consequence
The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.
Solution
Upgrade to the latest supported PowerShell. Refer to PowerShell 7.0 or later.
CVE-2020-12662+
F5 BIG-IP Unbound DNS Cache Vulnerabilities(K37661551)
Severity
Critical4
Recently Published
Qualys ID
375488
Date Published
May 3, 2021
Vendor Reference
K37661551
CVE Reference
CVE-2020-12662, CVE-2020-12663
CVSS Scores
Base 7.5 / Temporal 6.5
Description
F5's BIG-IP is a family of products covering software and hardware designed around application availability, access control, and security solutions.
Vulnerable Component: BIG-IP DNS, GTM
Affected Versions:
15.0.0 - 15.1.0
14.1.0 - 14.1.2
13.1.0 - 13.1.3
12.1.0 - 12.1.5
11.6.1 - 11.6.5
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Consequence
A remote attacker may be able to perform a DoS attack on a DNS cache configured on the BIG-IP system by causing Unbound to become unresponsive.
Solution
The vendor has released any patch, for more information please visit: K37661551
Patches
K37661551
CVE-2021-1844
Apple MacOS Big Sur 11.2.3 Security Update(HT212220)
Severity
Critical4
Recently Published
Qualys ID
375427
Date Published
May 3, 2021
Vendor Reference
HT212220
CVE Reference
CVE-2021-1844
CVSS Scores
Base 8.8 / Temporal 7.7
Description
macOS Big Sur (version 11) is the 17th and current major release of macOS, Apple Inc.'s operating system for Macintosh computers, and is the successor to macOS Catalina (version 10.15).
Affected Versions:
Apple MacOS Big Sur version before 11.2.3
QID Detection Logic:
This QID checks for vulnerable version of Big sur.
Consequence
Processing maliciously crafted web content may lead to arbitrary code execution
Solution
The updates can be downloaded from Apple Downloads.
For more information regarding the update can be found at HT212220.
Patches
HT212220
CVE-2021-23008
F5 BIG-IP APM AD Authentication Vulnerability(K51213246)
Severity
Critical4
Recently Published
Qualys ID
375519
Date Published
April 30, 2021
Vendor Reference
K51213246
CVE Reference
CVE-2021-23008
CVSS Scores
Base 9.8 / Temporal 8.5
Description
F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.
Vulnerable Component: BIG-IP APM
Affected Versions:
16.0.0 - 16.0.1
15.0.0 - 15.1.2
14.1.0 - 14.1.3
13.1.0 - 13.1.3
12.1.0 - 12.1.5
11.5.2 - 11.6.5
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Consequence
A remote attacker can hijack a KDC connection using a spoofed AS-REP response.
Solution
The vendor has released patch, for more information please visit: K51213246
Workaround:
To mitigate this vulnerability, you can configure multi-factor authentication (MFA), or host-level authentication, such as deploying an IPSec tunnel between the affected BIG-IP APM system and the AD servers.
Patches
K51213246
CVE-2019-2201
EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2021-1686)
Severity
Urgent5
Recently Published
Qualys ID
670187
Date Published
April 29, 2021
Vendor Reference
EulerOS-SA-2021-1686
CVE Reference
CVE-2019-2201
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Euler has released a security update for libjpeg-turbo to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP5
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1686
Patches
EulerOS-SA-2021-1686
—
EOL/Obsolete Hardware: Cisco Catalyst 4500 Supervisor Engine 6-E Detected
Severity
Urgent5
Recently Published
Qualys ID
105976
Date Published
April 29, 2021
Vendor Reference
Cisco Catalyst 4500 Supervisor Engine 6-E
CVSS Scores
Base 7.3 / Temporal 6.5
Description
Cisco announced the end-of-life dates for the Cisco Catalyst Cisco Catalyst 4500 Supervisor Engine 6-E on 1st March, 2013.
QID Detection Logic (Authenticated):
This QID checks "show version" command for catalyst version and posts if End Of Life version is found.
Consequence
The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.
Solution
Customers are encouraged to migrate to the Cisco Catalyst 4500E Supervisor Engine 8-E.
CVE-2021-21344+
Red Hat Update for xstream (RHSA-2021:1354)
Severity
Critical4
Recently Published
Qualys ID
239260
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1354
CVE Reference
CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21350
CVSS Scores
Base 9.9 / Temporal 8.6
Description
XStream is a Java XML serialization library to serialize objects to and deserialize object from XML.
Security Fix(es): XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet (CVE-2021-21344) XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345) XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue (CVE-2021-21346) XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator (CVE-2021-21347) XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350)
Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1354 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1354
CVE-2020-12658
EulerOS Security Update for gssproxy (EulerOS-SA-2021-1679)
Severity
Critical4
Recently Published
Qualys ID
670179
Date Published
April 29, 2021
Vendor Reference
EulerOS-SA-2021-1679
CVE Reference
CVE-2020-12658
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Euler has released a security update for gssproxy to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP5
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1679
Patches
EulerOS-SA-2021-1679
CVE-2020-36158+
EulerOS Security Update for kernel (EulerOS-SA-2021-1684)
Severity
Critical4
Recently Published
Qualys ID
670185
Date Published
April 29, 2021
Vendor Reference
EulerOS-SA-2021-1684
CVE Reference
CVE-2020-36158, CVE-2020-0543, CVE-2019-3900, CVE-2018-9517, CVE-2019-11135, CVE-2019-19338, CVE-2020-10690, CVE-2020-12351, CVE-2020-27786, CVE-2020-25669, CVE-2020-27777, CVE-2020-29660, CVE-2020-29661, CVE-2020-14305, CVE-2019-20934, CVE-2020-4788, CVE-2020-25704, CVE-2020-29370, CVE-2020-28974, CVE-2020-28915, CVE-2020-29371, CVE-2020-15436, CVE-2020-15437
CVSS Scores
Base 8.8 / Temporal 7.9
Description
Euler has released a security update for kernel to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP5
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1684
Patches
EulerOS-SA-2021-1684
CVE-2020-25681+
EulerOS Security Update for dnsmasq (EulerOS-SA-2021-1673)
Severity
Critical4
Recently Published
Qualys ID
670173
Date Published
April 29, 2021
Vendor Reference
EulerOS-SA-2021-1673
CVE Reference
CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25685, CVE-2020-25686, CVE-2020-25684, CVE-2020-25684, CVE-2020-25685, CVE-2020-25684, CVE-2020-25686, CVE-2020-25687
CVSS Scores
Base 8.1 / Temporal 7.1
Description
Euler has released a security update for dnsmasq to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP5
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1673
Patches
EulerOS-SA-2021-1673
CVE-2020-15436+
Red Hat Update for kernel (RHSA-2021:1376)
Severity
Critical4
Recently Published
Qualys ID
239255
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1376
CVE Reference
CVE-2020-15436, CVE-2020-28374, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
CVSS Scores
Base 8.1 / Temporal 7.1
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es): kernel: SCSI target (LIO)
write to any block on ILO backstore (CVE-2020-28374) kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) kernel: use-after-free in fs/block_dev.c (CVE-2020-15436) kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1376 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1376
CVE-2020-28374+
Red Hat Update for kpatch-patch (RHSA-2021:1377)
Severity
Critical4
Recently Published
Qualys ID
239254
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1377
CVE Reference
CVE-2020-28374, CVE-2021-27364, CVE-2021-27365
CVSS Scores
Base 8.1 / Temporal 7.1
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es): kernel: SCSI target (LIO)
write to any block on ILO backstore (CVE-2020-28374) kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1377 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1377
CVE-2021-23240+
EulerOS Security Update for sudo (EulerOS-SA-2021-1707)
Severity
Critical4
Recently Published
Qualys ID
670208
Date Published
April 29, 2021
Vendor Reference
EulerOS-SA-2021-1707
CVE Reference
CVE-2021-23240, CVE-2021-23239, CVE-2021-3156
CVSS Scores
Base 7.8 / Temporal 7
Description
Euler has released a security update for sudo to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP5
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1707
Patches
EulerOS-SA-2021-1707
CVE-2021-28165
Jenkins Core Denial Of Service Vulnerability(Jenkins Security Advisory 2021-04-20)
Severity
Critical4
Recently Published
Qualys ID
730064
Date Published
April 29, 2021
Vendor Reference
Jenkins Security Advisory 2021-04-20
CVE Reference
CVE-2021-28165
CVSS Scores
Base 7.5 / Temporal 6.5
Description
Jenkins is an open-source automation server written in Java. Jenkins helps to automate the non-human part of the software development process, with continuous integration and facilitating technical aspects of continuous delivery.
Affected Versions:
Jenkins weekly up to and including 2.285
Jenkins LTS up to and including 2.277.2
Fixed Versions:
Jenkins weekly should be updated to version 2.286
Jenkins LTS should be updated to version 2.277.3
QID Detection Logic(Unauthenticated):
This QID checks for vulnerable version by sending a crafted GET request to Jenkins. This QID also detects the vulnerable version from login page or HTTP header.

Consequence
This vulnerability may allow unauthenticated attackers to cause a denial of service if Winstone-Jetty is configured to handle SSL/TLS connections.
Solution
Customers are advised to upgrade to latest Jenkins version
For further details refer to Jenkins Security Advisory 2021-04-20
Patches
Jenkins Security Advisory 2021-04-20
CVE-2021-23961+
Red Hat Update for thunderbird (RHSA-2021:1350)
Severity
Critical4
Recently Published
Qualys ID
239264
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1350
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.10.0.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946) Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)
Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1350 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1350
CVE-2021-23961+
Red Hat Update for thunderbird (RHSA-2021:1351)
Severity
Critical4
Recently Published
Qualys ID
239263
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1351
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.10.0.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946) Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1351 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1351
CVE-2021-23961+
Red Hat Update for thunderbird (RHSA-2021:1352)
Severity
Critical4
Recently Published
Qualys ID
239262
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1352
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.10.0.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946) Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1352 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1352
CVE-2021-23961+
Red Hat Update for thunderbird (RHSA-2021:1353)
Severity
Critical4
Recently Published
Qualys ID
239261
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1353
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.10.0.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946) Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)
Affected Products:

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1353 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1353
CVE-2021-23961+
Red Hat Update for firefox (RHSA-2021:1360)
Severity
Critical4
Recently Published
Qualys ID
239259
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1360
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.10.0 ESR.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946)
Affected Products:

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1360 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1360
CVE-2021-23961+
Red Hat Update for firefox (RHSA-2021:1361)
Severity
Critical4
Recently Published
Qualys ID
239258
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1361
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.10.0 ESR.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1361 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1361
CVE-2021-23961+
Red Hat Update for firefox (RHSA-2021:1362)
Severity
Critical4
Recently Published
Qualys ID
239257
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1362
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.10.0 ESR.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1362 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1362
CVE-2021-23961+
Red Hat Update for firefox (RHSA-2021:1363)
Severity
Critical4
Recently Published
Qualys ID
239256
Date Published
April 29, 2021
Vendor Reference
RHSA-2021:1363
CVE Reference
CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
CVSS Scores
Base 7.4 / Temporal 6.4
Description
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.10.0 ESR.
Security Fix(es): Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) Mozilla: Port blocking could be bypassed (CVE-2021-29946)
Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1363 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1363
CVE-2018-11805
EulerOS Security Update for spamassassin (EulerOS-SA-2021-1706)
Severity
Critical4
Recently Published
Qualys ID
670207
Date Published
April 29, 2021
Vendor Reference
EulerOS-SA-2021-1706
CVE Reference
CVE-2018-11805
CVSS Scores
Base 6.7 / Temporal 5.8
Description
Euler has released a security update for spamassassin to fix the vulnerabilities.
Affected OS: EulerOS V2.0SP5
Consequence
An arbitrary attacker may exploit this vulnerability to compromise the system.
Solution
The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1706
Patches
EulerOS-SA-2021-1706
CVE-2021-21347+
Oracle Enterprise Linux Security Update for xstream (ELSA-2021-1354)
Severity
Critical4
In Development
Qualys ID
159162
Vendor Reference
ELSA-2021-1354
CVE Reference
CVE-2021-21347, CVE-2021-21350, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346
CVSS Scores
Base 9.9 / Temporal 7.9
Description
Oracle Enterprise Linux has released a security update for xstream to fix the vulnerabilities.
Affected Product:
Oracle Linux 7
Consequence
This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
Solution
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

ELSA-2021-1354.
Patches
Oracle Linux ELSA-2021-1354
—
Drupal Core Cross-Site Scripting Vulnerability(SA-CORE-2021-002)
Severity
Urgent5
Recently Published
Qualys ID
730058
Date Published
April 29, 2021
Vendor Reference
SA-CORE-2021-002
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Drupal is a free and open source content management framework written in PHP and distributed under the GNU General Public License.
Affected Versions:
Drupal 9.1, prior to Drupal 9.1.7.
Drupal 9.0, prior to Drupal 9.0.12.
Drupal 8.9, prior to Drupal 8.9.14.
Drupal 7, prior to Drupal 7.80.
QID Detection Logic:(Unauthenticated)
This QID checks for vulnerable version of Drupal installed on the target.
Note: Versions of Drupal 8 prior to 8.9.x are end-of-life and do not receive security coverage.

Consequence
Successful exploitation of these vulnerabilities could affect Confidentiality, Integrity and Availability.
Solution
Customers are advised to install latest drupal version.
For more information visitDrupal security advisory SA-CORE-2021-002
Patches
SA-CORE-2021-002
CVE-2021-27905
Apache Solr SSRF vulnerability
Severity
Critical4
Recently Published
Qualys ID
730063
Date Published
April 28, 2021
Vendor Reference
CVE-2021-27905
CVE Reference
CVE-2021-27905
CVSS Scores
Base / Temporal
Description
Apache Solr is an open source enterprise search platform, written in Java, from the Apache Lucene project. Its major features include full-text search, hit highlighting, faceted search, real-time indexing, dynamic clustering, database integration, NoSQL features and rich document handling.

Affected Versions:
Apache Solr versions 8.0.0 to 8.8.1
Apache Solr versions 7.0.0 to 7.7.3

QID Detection Logic (Unauthenticated):
This QID sends a crafted HTTP request to check if the target is vulnerable or not.

Consequence
Successful exploitation could lead to server side request forgery attack
Solution
Users are advised to upgrade to latest solr version Solr 8.8.2 or Apply the patch SOLR-15217
Patches
CVE-2021-27905
CVE-2020-28243+
Gentoo Linux Salt Multiple Vulnerabilities (GLSA 202103-01)
Severity
Critical4
Recently Published
Qualys ID
710007
Date Published
April 28, 2021
Vendor Reference
GLSA 202103-01
CVE Reference
CVE-2020-28243, CVE-2020-28972, CVE-2020-35662, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283, CVE-2021-25284, CVE-2021-3144, CVE-2021-3148, CVE-2021-3197
CVSS Scores
Base 9.8 / Temporal 8.5
Description
Gentoo Linux is a Linux distribution
Multiple vulnerabilities have been found in Salt, the worst of which could allow remote attacker to execute arbitrary commands.
Affected Package: app-admin/salt
Affected version: Prior to 3000.8
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.
Solution
The Vendor has released security update to fix the vulnerability. For more information please visit 202103-01
Patches
202103-01
CVE-2021-21227+
Google Chrome Prior To 90.0.4430.93 Multiple Vulnerabilities
Severity
Critical4
Recently Published
Qualys ID
375505
Date Published
April 28, 2021
Vendor Reference
90.0.4430.93
CVE Reference
CVE-2021-21227, CVE-2021-21232, CVE-2021-21233, CVE-2021-21228, CVE-2021-21229, CVE-2021-21230, CVE-2021-21231
CVSS Scores
Base 8.8 / Temporal 7.9
Description
Google Chrome is a web browser for multiple platforms developed by Google.
Affected Versions:
Google Chrome Prior to 90.0.4430.72
QID Detection Logic(Authenticated):
This QID checks for vulnerable versions of Google Chrome on Windows, MAC OS, and Linux OS.
Consequence
Successful exploitation of these vulnerabilities may result in attacker to execute arbitrary code execution on target system.
Solution
Customers are advised to upgrade to latest version: 90.0.4430.93
For further details refer to Google Chrome 90.0.4430.93
Patches
90.0.4430.93
CVE-2020-27942+
Apple macOS Security Update 2021-003 Mojave (HT212327)
Severity
Critical4
Recently Published
Qualys ID
375510
Date Published
April 28, 2021
Vendor Reference
HT212327
CVE Reference
CVE-2020-27942, CVE-2020-3838, CVE-2020-8037, CVE-2020-8285, CVE-2020-8286, CVE-2021-1739, CVE-2021-1784, CVE-2021-1797, CVE-2021-1805, CVE-2021-1806, CVE-2021-1808, CVE-2021-1809, CVE-2021-1811, CVE-2021-1813, CVE-2021-1828, CVE-2021-1834, CVE-2021-1839, CVE-2021-1840, CVE-2021-1843, CVE-2021-1847, CVE-2021-1851, CVE-2021-1857, CVE-2021-1860, CVE-2021-1868, CVE-2021-1873, CVE-2021-1875, CVE-2021-1876, CVE-2021-1878, CVE-2021-1881, CVE-2021-30652
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Multiple vulnerabilities were addressed in Apple macOS.
Affected versions:
Apple macOS Security Update Prior to 2021-003 Mojave.
QID Detection Logic (Authenticated):
This QID looks for the missing security patches from Mojave
Consequence
Successful exploitation could allows arbitrary code execution, elevate privileges, denial of service.
Solution
The vendor has issued these fixes: Apple macOS Security Update 2021-003 Mojave.
The updates can be downloaded from Apple Downloads.
For more information regarding the update can be found at HT212327.
Patches
HT212327
CVE-2021-21222+
Microsoft Edge Based On Chromium Prior to 90.0.818.46 Multiple Vulnerabilities
Severity
Critical4
Recently Published
Qualys ID
375499
Date Published
April 28, 2021
Vendor Reference
CVE-2021-21222, CVE-2021-21223, CVE-2021-21225, CVE-2021-21226
CVE Reference
CVE-2021-21222, CVE-2021-21223, CVE-2021-21225, CVE-2021-21226
CVSS Scores
Base 9.6 / Temporal 8.3
Description
Microsoft Edge is a cross-platform web browser developed by Microsoft.
Microsoft Edge based on Chromium is affected by the following vulnerabilities:
CVE-2021-21222: Heap buffer overflow in V8.
CVE-2021-21223: Integer overflow in Mojo.
CVE-2021-21225: Out of bounds memory access in V8.
CVE-2021-21226: Use after free in navigation.
QID Detection Logic: (authenticated)
Operating System: Windows
The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.
Consequence
Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary code on target system.
Solution
Customers are advised to upgrade to version
For further details refer to 90.0.818.46 or later
Patches
CVE-2021-21222, CVE-2021-21223, CVE-2021-21225, CVE-2021-21226
—
Debian Security Update for gst-libav1.0 (DSA 4901-1)
Severity
Critical4
Recently Published
Qualys ID
178565
Date Published
April 28, 2021
Vendor Reference
DSA 4901-1
CVSS Scores
Base 7.3 / Temporal 5.9
Description
Debian has released security update forgst-libav1.0 to fix the vulnerabilities.
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Refer to Debian security advisory DSA 4901-1 for patching details.
Patches
Debian DSA 4901-1
—
Debian Security Update for gst-plugins-ugly1.0 (DSA 4904-1)
Severity
Critical4
Recently Published
Qualys ID
178568
Date Published
April 28, 2021
Vendor Reference
DSA 4904-1
CVSS Scores
Base 6.5 / Temporal 5.2
Description
Debian has released security update forgst-plugins-ugly1.0 to fix the vulnerabilities.
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Refer to Debian security advisory DSA 4904-1 for patching details.
Patches
Debian DSA 4904-1
—
Debian Security Update for gst-plugins-base1.0 (DSA 4903-1)
Severity
Critical4
Recently Published
Qualys ID
178567
Date Published
April 28, 2021
Vendor Reference
DSA 4903-1
CVSS Scores
Base 5.3 / Temporal 4.3
Description
Debian has released security update forgst-plugins-base1.0 to fix the vulnerabilities.
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Refer to Debian security advisory DSA 4903-1 for patching details.
Patches
Debian DSA 4903-1
—
Debian Security Update for gst-plugins-bad1.0 (DSA 4902-1)
Severity
Critical4
Recently Published
Qualys ID
178566
Date Published
April 28, 2021
Vendor Reference
DSA 4902-1
CVSS Scores
Base 0 / Temporal 0
Description
Debian has released security update forgst-plugins-bad1.0 to fix the vulnerabilities.
Consequence
Successful exploitation allows attacker to compromise the system.
Solution
Refer to Debian security advisory DSA 4902-1 for patching details.
Patches
Debian DSA 4902-1
CVE-2021-30657+
Apple macOS Security Update 2021-002 Catalina (HT212326)
Severity
Urgent5
Recently Published
Qualys ID
375507
Date Published
April 27, 2021
Vendor Reference
HT212326
CVE Reference
CVE-2021-30657, CVE-2021-1797, CVE-2021-1810, CVE-2021-1808, CVE-2021-1857, CVE-2021-1809, CVE-2021-1847, CVE-2021-1811, CVE-2020-8285, CVE-2020-8286, CVE-2021-1784, CVE-2021-1881, CVE-2020-27942, CVE-2021-1813, CVE-2021-1882, CVE-2021-1843, CVE-2021-1834, CVE-2021-1860, CVE-2021-1851, CVE-2021-1840, CVE-2021-1875, CVE-2021-1824, CVE-2021-1876, CVE-2021-1739, CVE-2021-1740, CVE-2021-1878, CVE-2021-1868, CVE-2020-8037, CVE-2021-1839, CVE-2021-1828, CVE-2020-3838, CVE-2021-1873, CVE-2021-30652
CVSS Scores
Base 7.8 / Temporal 6.8
Description
Multiple vulnerabilities were addressed in Apple macOS.
Affected versions:
Apple macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave.
QID Detection Logic (Authenticated):
This QID looks for the missing security patches from Mojave, Big Sur, Catalina
Consequence
Successful exploitation could allow an attacker to the disclosure of sensitive user information, read restricted memory, read arbitrary files, bypass Gatekeeper checks, disclosure of process memory, unexpected application termination or arbitrary code execution, denial of service, and privilege escalation.
Solution
The vendor has released these fixes: Security Update 2021-002 Mojave.
The updates can be downloaded from Apple Downloads.
For more information regarding the update can be found at HT212326.
Patches
HT212326
CVE-2021-1853+
Apple MacOS Big Sur 11.3 Not Installed (HT212325)
Severity
Critical4
Recently Published
Qualys ID
375503
Date Published
April 27, 2021
Vendor Reference
HT212325
CVE Reference
CVE-2021-1853, CVE-2021-1849, CVE-2021-1867, CVE-2021-1810, CVE-2021-1808, CVE-2021-1857, CVE-2021-1846, CVE-2021-1809, CVE-2021-30659, CVE-2021-1847, CVE-2021-1811, CVE-2020-8286, CVE-2020-8285, CVE-2021-1784, CVE-2021-1872, CVE-2021-1881, CVE-2021-1882, CVE-2021-1813, CVE-2021-1883, CVE-2021-1884, CVE-2021-1880, CVE-2021-30653, CVE-2021-1814, CVE-2021-1843, CVE-2021-1885, CVE-2021-1858, CVE-2021-30658, CVE-2021-1841, CVE-2021-1834, CVE-2021-1860, CVE-2021-1840, CVE-2021-1851, CVE-2021-1832, CVE-2021-30660, CVE-2021-30652, CVE-2021-1875, CVE-2021-1824, CVE-2021-1859, CVE-2021-1876, CVE-2021-1815, CVE-2021-1739, CVE-2021-1740, CVE-2021-1861, CVE-2021-1855, CVE-2021-1868, CVE-2021-1878, CVE-2021-30657, CVE-2020-8037, CVE-2021-1839, CVE-2021-1825, CVE-2021-1817, CVE-2021-1826, CVE-2021-1820, CVE-2021-30661, CVE-2020-7463, CVE-2021-1828, CVE-2021-1829, CVE-2021-30655, CVE-2021-1873
CVSS Scores
Base 7.5 / Temporal 7.2
Description
macOS Big Sur (version 11) is the 17th and current major release of macOS, Apple Inc.'s operating system for Macintosh computers, and is the successor to macOS Catalina (version 10.15).
Affected Versions:
Apple MacOS Big Sur version before 11.3
QID Detection Logic:
This QID checks for vulnerable version of Big sur.
Consequence
Sucessful explotation of the vulnerability will allow privilege escalation, bypass Gatekeeper checks and information disclosure among others.
Solution
The updates can be downloaded from Apple Downloads.
For more information regarding the update can be found at HT212325.
Patches
HT212325
CVE-2018-14671
ClickHouse Remote Code Execution Vulnerability
Severity
Critical4
Recently Published
Qualys ID
375495
Date Published
April 27, 2021
Vendor Reference
ClickHouse Release 18.10.3
CVE Reference
CVE-2018-14671
CVSS Scores
Base 9.8 / Temporal 8.5
Description
ClickHouse is an open-source column-oriented DBMS for online analytical processing.
ClickHouse is vulnerable to Remote Code Execution Vulnerability
Affected Versions:
Prior to ClickHouse version 18.10.3
QID Detection Logic:
This QID uses command clickhouse-client to get the version from the linux system

Consequence
Successful exploitation could allow remote code execution
Solution
Please refer to advisory clickhouse release 18.10.3
Patches
ClickHouse Release 18.10.3
CVE-2020-11443
Zoom Arbitrary File Deletion Vulnerability
Severity
Critical4
Recently Published
Qualys ID
375487
Date Published
April 27, 2021
Vendor Reference
ZSB-20001
CVE Reference
CVE-2020-11443
CVSS Scores
Base 8.1 / Temporal 7.1
Description
Zoom provides video communications with a cloud platform for video and audio conferencing, chat, and webinars across mobile, desktop, and room systems.
A vulnerability in how the Zoom Windows installer could allow a local Windows user to delete files.
Affected Versions:
Zoom version prior to 4.6.10
QID Detection Logic:
This authenticated QID detects zoom.exe versions by fetching a list of binaries from AppData\Roaming\Zoom\bin and from HKLM\SOFTWARE\Zoom\MSI
Consequence
Successful exploitation of this vulnerability may allow an attacker to delete files on target system.
Solution
Customers are advised to refer Zoom security update for more information
Patches
Zoom Version 4.4.53932.0709
CVE-2019-19006
FreePBX Incorrect Access Control Vulnerability (SEC-2019-001)
Severity
Critical4
Recently Published
Qualys ID
730044
Date Published
April 27, 2021
Vendor Reference
SEC-2019-001
CVE Reference
CVE-2019-19006
CVSS Scores
Base 9.8 / Temporal 8.5
Description
FreePBX is a web-based configuration tool for the open-source Asterisk PBX implemented in PHP.
FreePBX is vulnerable to Incorrect Access Control
Affected Versions:
FreePBX 13 prior to v13.0.197.14
FreePBX 14 prior to v14.0.13.12
FreePBX 15 prior to v15.0.16.27
QID Detection Logic:
This QID checks for the vulnerable version of FreePBX by sending get request to admin/config.php
Consequence
Successful exploitation could compromise confidentiality, integrity and availability
Solution
The vendor has released advisories and updates to fix these vulnerabilities. Refer to the following link for details: Security Vulnerability Notice.
Patches
SEC-2019-001
CVE-2021-23984+
Amazon Linux Security Advisory for thunderbird: ALAS2-2021-1632
Severity
Critical4
Recently Published
Qualys ID
352266
Date Published
April 26, 2021
Vendor Reference
ALAS-2021-1632
CVE Reference
CVE-2021-23984, CVE-2021-23987, CVE-2021-23982, CVE-2021-23981
CVSS Scores
Base 8.8 / Temporal 7.7
Description
<DIV ID="issue_overview">
The Mozilla Foundation Security Advisory describes this issue as:
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. (CVE-2021-23981 )
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Thunderbird < 78.9, and Firefox < 87. (CVE-2021-23982 )
The Mozilla Foundation Security Advisory describes this issue as:
A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. (CVE-2021-23984 )
The Mozilla Foundation Security Advisory describes this issue as:
Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-23987 )
</DIV>
Consequence
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS-2021-1632 for affected packages and patching details, or update with your package manager.
Patches
Amazon Linux 2 ALAS-2021-1632
CVE-2020-25097
Amazon Linux Security Advisory for squid: ALAS2-2021-1631
Severity
Critical4
Recently Published
Qualys ID
352267
Date Published
April 26, 2021
Vendor Reference
ALAS-2021-1631
CVE Reference
CVE-2020-25097
CVSS Scores
Base 8.6 / Temporal 7.5
Description
<DIV ID="issue_overview">
A flaw was found in squid. Due to improper validation while parsing the request URI, squid is vulnerable to HTTP request smuggling. This issue could allow a trusted client to perform an HTTP request smuggling attack and access services otherwise forbidden by squid. The highest threat from this vulnerability is to data confidentiality. (CVE-2020-25097 )
</DIV>
Consequence
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS-2021-1631 for affected packages and patching details, or update with your package manager.
Patches
Amazon Linux 2 ALAS-2021-1631
CVE-2021-20305
Amazon Linux Security Advisory for nettle: ALAS2-2021-1629
Severity
Critical4
Recently Published
Qualys ID
352269
Date Published
April 26, 2021
Vendor Reference
ALAS-2021-1629
CVE Reference
CVE-2021-20305
CVSS Scores
Base 8.1 / Temporal 7.1
Description
<DIV ID="issue_overview">
A flaw was found in Nettle, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-20305 )
</DIV>
Consequence
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS-2021-1629 for affected packages and patching details, or update with your package manager.
Patches
Amazon Linux 2 ALAS-2021-1629
CVE-2020-25715+
Amazon Linux Security Advisory for pki-core: ALAS2-2021-1630
Severity
Critical4
Recently Published
Qualys ID
352268
Date Published
April 26, 2021
Vendor Reference
ALAS-2021-1630
CVE Reference
CVE-2020-25715, CVE-2019-10146, CVE-2019-10179, CVE-2019-10221, CVE-2020-1721, CVE-2021-20179
CVSS Scores
Base 8.1 / Temporal 7.1
Description
<DIV ID="issue_overview">
A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser. (CVE-2019-10146 )
It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code. (CVE-2019-10179 )
A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser. (CVE-2019-10221 )
A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code. (CVE-2020-1721 )
A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity. (CVE-2020-25715 )
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity. (CVE-2021-20179 )
</DIV>
Consequence
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS-2021-1630 for affected packages and patching details, or update with your package manager.
Patches
Amazon Linux 2 ALAS-2021-1630
CVE-2021-20277
Amazon Linux Security Advisory for libldb: ALAS2-2021-1628
Severity
Critical4
Recently Published
Qualys ID
352270
Date Published
April 26, 2021
Vendor Reference
ALAS-2021-1628
CVE Reference
CVE-2021-20277
CVSS Scores
Base 5.6 / Temporal 4.9
Description
<DIV ID="issue_overview">
A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277 )
</DIV>
Consequence
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS-2021-1628 for affected packages and patching details, or update with your package manager.
Patches
Amazon Linux 2 ALAS-2021-1628
CVE-2021-20277
Amazon Linux Security Advisory for libldb: ALAS-2021-1494
Severity
Critical4
Recently Published
Qualys ID
352265
Date Published
April 26, 2021
Vendor Reference
ALAS-2021-1494
CVE Reference
CVE-2021-20277
CVSS Scores
Base 5.6 / Temporal 4.9
Description
<DIV ID="issue_overview">
A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277 )
</DIV>
Consequence
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS-2021-1494 for affected packages and patching details, or update with your package manager.
Patches
Amazon Linux ALAS-2021-1494
CVE-2021-27928
MariaDB Multiple Security Vulnerabilities
Severity
Urgent5
Recently Published
Qualys ID
375486
Date Published
April 26, 2021
Vendor Reference
MariaDB
CVE Reference
CVE-2021-27928
CVSS Scores
Base 7.2 / Temporal 6.5
Description
MariaDB is a database server that offers drop-in replacement functionality for MySQL.
Multiple Vulnerabilities in the MySQL Server product of Oracle MySQL (component: Server: FTS),
CVE-2021-27928
Affected Versions:
10.2 before 10.2.37
10.3 before 10.3.28
10.4 before 10.4.18
10.5 before 10.5.9
QID Detection Logic:(Authenticated)
This QID checks for the version of file aria_chk.exe to detect the vulnerable version of MariaDB

Consequence
Successful exploitation of this vulnerability will allow an attacker to crash the database which can lead to data loss or denial of service.
Solution
Customers are advised to upgrade to the latest version of software available. The latest version can be downloaded from here
Patches
MariaDB 10.2.37, MariaDB 10.3.28, MariaDB 10.4.18, MariaDB 10.5.9
CVE-2021-20305
Red Hat Update for gnutls and nettle (RHSA-2021:1245)
Severity
Critical4
Recently Published
Qualys ID
239242
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1245
CVE Reference
CVE-2021-20305
CVSS Scores
Base 8.1 / Temporal 7.1
Description
The gnutls packages provide the GNU Transport Layer Security (GnuTLS)
library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
Security Fix(es): nettle: Out of bounds memory access in signature verification (CVE-2021-20305)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1245 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1245
CVE-2021-20305
Red Hat Update for gnutls and nettle (RHSA-2021:1246)
Severity
Critical4
Recently Published
Qualys ID
239241
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1246
CVE Reference
CVE-2021-20305
CVSS Scores
Base 8.1 / Temporal 7.1
Description
The gnutls packages provide the GNU Transport Layer Security (GnuTLS)
library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
Security Fix(es): nettle: Out of bounds memory access in signature verification (CVE-2021-20305)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1246 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1246
CVE-2020-25715+
Red Hat Update for pki-core:10.6 (RHSA-2021:1263)
Severity
Critical4
Recently Published
Qualys ID
239239
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1263
CVE Reference
CVE-2020-25715, CVE-2021-20179
CVSS Scores
Base 8.1 / Temporal 7.1
Description
The Public Key Infrastructure (PKI)
Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es): pki-core: Unprivileged users can renew any certificate (CVE-2021-20179) pki-core: XSS in the certificate search results (CVE-2020-25715)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1263 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1263
CVE-2021-3347+
Red Hat Update for kernel (RHSA-2021:1272)
Severity
Critical4
Recently Published
Qualys ID
239238
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1272
CVE Reference
CVE-2021-3347, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
CVSS Scores
Base 7.8 / Temporal 6.8
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es): kernel: Use after free via PI futex state (CVE-2021-3347) kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1272 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1272
CVE-2021-3347+
Red Hat Update for kpatch-patch (RHSA-2021:1295)
Severity
Critical4
Recently Published
Qualys ID
239236
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1295
CVE Reference
CVE-2021-3347, CVE-2021-27364, CVE-2021-27365
CVSS Scores
Base 7.8 / Temporal 6.8
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es): kernel: Use after free via PI futex state (CVE-2021-3347) kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1295 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1295
CVE-2020-10725
Red Hat Update for dpdk (RHSA-2021:1239)
Severity
Critical4
Recently Published
Qualys ID
239246
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1239
CVE Reference
CVE-2020-10725
CVSS Scores
Base 7.7 / Temporal 6.7
Description
The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space.
Security Fix(es): dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor (CVE-2020-10725)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1239 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1239
CVE-2021-3449+
Red Hat Update for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP7 (RHSA-2021:1199)
Severity
Critical4
Recently Published
Qualys ID
239247
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1199
CVE Reference
CVE-2021-3449, CVE-2021-3450
CVSS Scores
Base 7.4 / Temporal 6.4
Description
This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering.This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.Security fix(es): openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)
openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
Affected Products:

Red Hat JBoss Core Services 1 for RHEL 7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1199 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1199
CVE-2021-27928
Red Hat Update for mariadb:10.3 and mariadb-devel:10.3 (RHSA-2021:1240)
Severity
Critical4
Recently Published
Qualys ID
239245
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1240
CVE Reference
CVE-2021-27928
CVSS Scores
Base 7.2 / Temporal 6.5
Description
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32).
Security Fix(es): mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1240 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1240
CVE-2021-27928
Red Hat Update for mariadb:10.3 and mariadb-devel:10.3 (RHSA-2021:1241)
Severity
Critical4
Recently Published
Qualys ID
239244
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1241
CVE Reference
CVE-2021-27928
CVSS Scores
Base 7.2 / Temporal 6.5
Description
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32).
Security Fix(es): mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.1 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.1 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1241 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1241
CVE-2021-27928
Red Hat Update for mariadb:10.3 and mariadb-devel:10.3 (RHSA-2021:1242)
Severity
Critical4
Recently Published
Qualys ID
239243
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1242
CVE Reference
CVE-2021-27928
CVSS Scores
Base 7.2 / Temporal 6.5
Description
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32).
Security Fix(es): mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928)
Affected Products:

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1242 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1242
CVE-2021-3449
Red Hat Update for openssl (RHSA-2021:1063)
Severity
Critical4
Recently Published
Qualys ID
239249
Date Published
April 26, 2021
Vendor Reference
RHSA-2021:1063
CVE Reference
CVE-2021-3449
CVSS Scores
Base 5.9 / Temporal 5.2
Description
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)
and Transport Layer Security (TLS)
protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es): openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)
Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Consequence
On successful exploitation, it could allow an attacker to execute code.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2021:1063 to address this issue and obtain more information.
Patches
Red Hat Enterprise Linux RHSA-2021:1063
CVE-2021-23994+
Mozilla Firefox Multiple Vulnerabilities (MFSA2021-16)
Severity
Critical4
Recently Published
Qualys ID
375478
Date Published
April 26, 2021
Vendor Reference
MFSA2021-16
CVE Reference
CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29944, CVE-2021-29946, CVE-2021-29947
CVSS Scores
Base 0 / Temporal 0
Description
Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.
Affected Products:
Prior to Firefox 88

QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.
Consequence
On successful exploitation it could allow to compromise integrity, availability and confidentiality.
Solution
Vendor has released fix to address these vulnerabilities. Refer to MFSA 2021-16
Patches
MFSA2021-16

Last updated: Sun, 09 May 2021 17:00:00 UTC

Vulnerability Detection Pipeline

Upcoming and New QIDs

Detection Status

Python Buffer Overflow/Web Cache Poisoning Vulnerability

Google Android May 2021 Security Patch Missing for LGE

Google Android May 2021 Security Patch Missing for Samsung

Re-Use

Google Pixel Android May 2021 Security Patch Missing

Red Hat Update for bind (RHSA-2021:1469)

Red Hat Update for bind (RHSA-2021:1477)

Red Hat Update for bind (RHSA-2021:1478)

Ubuntu Security Notification for Unbound vulnerabilities (USN-4938-1)

Apache Hadoop Privilege Escalation Vulnerability

Red Hat Update for postgresql (RHSA-2021:1512)

Red Hat Update for Red Hat Ceph Storage (RHSA-2021:1452)

Google Android Devices May 2021 Security Patch Missing

Dell Client Platform Security Update for Insufficient Access Control Vulnerability (DSA-2021-088)

Red Hat Update for kernel-alt (RHSA-2021:1379)

EulerOS Security Update for mercurial (EulerOS-SA-2021-1816)

EulerOS Security Update for spamassassin (EulerOS-SA-2021-1851)

EulerOS Security Update for velocity (EulerOS-SA-2021-1858)

EulerOS Security Update for kernel (EulerOS-SA-2021-1808)

EulerOS Security Update for compat-poppler022 (EulerOS-SA-2021-1772)

EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2021-1810)

EulerOS Security Update for exiv2 (EulerOS-SA-2021-1782)

EulerOS Security Update for golang (EulerOS-SA-2021-1792)

EulerOS Security Update for gssproxy (EulerOS-SA-2021-1795)

EulerOS Security Update for ImageMagick (EulerOS-SA-2021-1802)

EulerOS Security Update for libexif (EulerOS-SA-2021-1809)

EulerOS Security Update for libtiff (EulerOS-SA-2021-1813)

EulerOS Security Update for ppp (EulerOS-SA-2021-1834)

EulerOS Security Update for python (EulerOS-SA-2021-1835)

EulerOS Security Update for screen (EulerOS-SA-2021-1848)

EulerOS Security Update for squid (EulerOS-SA-2021-1852)

EulerOS Security Update for xterm (EulerOS-SA-2021-1864)

EulerOS Security Update for grub2 (EulerOS-SA-2021-1794)

EulerOS Security Update for wireshark (EulerOS-SA-2021-1859)

EulerOS Security Update for freeradius (EulerOS-SA-2021-1784)

EulerOS Security Update for libldb (EulerOS-SA-2021-1811)

EulerOS Security Update for xorg-x11-server (EulerOS-SA-2021-1863)

EOL/Obsolete Software: Puppet Server Prior to 6.15.x Detected

Debian Security Update for exim4 (DLA 2650-1)(21Nails)

F5 BIG-IP ASM WebSocket vulnerability(K18570111)

SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1499-1)

SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1469-1)

SUSE Enterprise Linux Security Update for python-Pygments (SUSE-SU-2021:1500-1)

SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1468-1)

SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1471-1)

SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1474-1)

SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1473-1)

SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1498-1)

SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1492-1)

SUSE Enterprise Linux Security Update for permissions (SUSE-SU-2021:1466-1)

SUSE Enterprise Linux Security Update for openexr (SUSE-SU-2021:1489-1)

SUSE Enterprise Linux Security Update for sca-patterns-sle11 (SUSE-SU-2021:1497-1)

IBM MQ Remote Code Execution Vulnerability(6408626)

ISC BIND Assertion Failure Vulnerability

ISC BIND Buffer Overflow Vulnerability

Cygwin Git Package Remote Code Execution

SUSE Enterprise Linux Security Update for stunnel (SUSE-SU-2021:1465-1)

GitLab Multiple Security Vulnerabilities(gitlab- 13-11-2, 13-10-4, 13-9-7)

OpenVpn 2.5.1 and earlier Authentication Bypass (excluding 2.4.11)

Ubuntu Security Notification for Underscore vulnerability (USN-4913-2)

Amazon Linux Security Advisory for kernel: ALAS2-2021-1627

ClickHouse Incorrect Configuration Vulnerability

Kong Docker Image Weak Authentication Vulnerability

Apple iOS 12.5.3 Security Update Missing (HT212341)

Apple iOS 14.5.1 and iPadOS 14.5.1 Security Update Missing (HT212336)

Ubuntu Security Notification for Exim4 Vulnerabilities (USN-4934-1) (21Nails)

Debian Security Update for exim4 (DSA 4912-1) (21Nails)

Apache Unomi Remote Code Execution Vulnerability

Microsoft Edge Based On Chromium Prior to 90.0.818.51 Multiple Vulnerabilities

Gentoo Linux WebkitGTK+ Multiple Vulnerabilities (GLSA 202104-03)

SUSE Enterprise Linux Security Update for containerd, docker, runc (SUSE-SU-2021:1458-1)

Gentoo Linux GRUB Multiple Vulnerabilities (GLSA 202104-05)

Gentoo Linux X.Org X Server Privilege Escalation Vulnerability (GLSA 202104-02)

SUSE Enterprise Linux Security Update for cups (SUSE-SU-2021:1454-1)

Apple iOS 14.5 and iPadOS 14.5 Security Update Missing (HT212317)

Debian Security Update for python-apt (DLA 2488-2)

CentOS Security Update for xstream (CESA-2021:1354)