{ "document" : { "aggregate_severity" : { "text" : "hoch" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "Die zlib ist eine freie Programmbibliothek zum Komprimieren und Dekomprimieren von Daten.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in zlib ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.", "title" : "Angriff" }, { "category" : "general", "text" : "- Linux\n- Sonstiges\n- UNIX", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2022-0929 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0929.json" }, { "category" : "self", "summary" : "WID-SEC-2022-0929 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0929" }, { "category" : "external", "summary" : "NIST Vulnerability Database vom 2022-08-04", "url" : "https://nvd.nist.gov/vuln/detail/CVE-2022-37434" }, { "category" : "external", "summary" : "PoC vom 2022-08-04", "url" : "https://github.com/ivd38/zlib_overflow" }, { "category" : "external", "summary" : "OpenBSD Errata vom 2022-08-11", "url" : "https://www.openbsd.org/errata70.html" }, { "category" : "external", "summary" : "OpenBSD Errata vom 2022-08-11", "url" : "https://www.openbsd.org/errata71.html" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-5570-1 vom 2022-08-18", "url" : "https://ubuntu.com/security/notices/USN-5570-1" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2022:2845-1 vom 2022-08-18", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011946.html" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2022:2847-1 vom 2022-08-18", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011945.html" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-5573-1 vom 2022-08-19", "url" : "https://ubuntu.com/security/notices/USN-5573-1" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2022:2846-1 vom 2022-08-18", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011947.html" }, { "category" : "external", "summary" : "Debian Security Advisory DSA-5218 vom 2022-08-25", "url" : "https://lists.debian.org/debian-security-announce/2022/msg00187.html" }, { "category" : "external", "summary" : "FreeBSD Security Advisory FREEBSD-SA-22:13.ZLIB vom 2022-08-31", "url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-22:13.zlib.asc" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2022:2947-1 vom 2022-08-31", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2022-August/012012.html" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-2022-0B517A5397 vom 2022-09-01", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-2022-0b517a5397" }, { "category" : "external", "summary" : "NetApp Security Advisory NTAP-20220901-0005 vom 2022-09-01", "url" : "https://security.netapp.com/advisory/ntap-20220901-0005/" }, { "category" : "external", "summary" : "Siemens Security Bulletin SSB-439005 vom 2022-09-13", "url" : "https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS-2022-1849 vom 2022-09-21", "url" : "https://alas.aws.amazon.com/AL2/ALAS-2022-1849.html" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS-2022-148 vom 2022-10-14", "url" : "https://alas.aws.amazon.com/AL2022/ALAS-2022-148.html" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-5570-2 vom 2022-10-17", "url" : "https://ubuntu.com/security/notices/USN-5570-2" }, { "category" : "external", "summary" : "Oracle Solaris Third Party Bulletin-October 2022 vom 2022-10-18", "url" : "https://www.oracle.com/security-alerts/bulletinoct2022.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2022-7106 vom 2022-10-26", "url" : "https://linux.oracle.com/errata/ELSA-2022-7106.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:7106 vom 2022-10-25", "url" : "https://access.redhat.com/errata/RHSA-2022:7106" }, { "category" : "external", "summary" : "Tenable Security Advisory TNS-2022-20 vom 2022-10-26", "url" : "https://www.tenable.com/security/tns-2022-20" }, { "category" : "external", "summary" : "Gentoo Linux Security Advisory GLSA-202210-42 vom 2022-10-31", "url" : "https://security.gentoo.org/glsa/202210-42" }, { "category" : "external", "summary" : "ClamAV Blog", "url" : "https://blog.clamav.net/2022/10/new-packages-for-clamav-01037-01044.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:7314 vom 2022-11-02", "url" : "https://access.redhat.com/errata/RHSA-2022:7314" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2022-7314 vom 2022-11-02", "url" : "https://linux.oracle.com/errata/ELSA-2022-7314.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:7407 vom 2022-11-03", "url" : "https://access.redhat.com/errata/RHSA-2022:7407" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS-2022-158 vom 2022-11-04", "url" : "https://alas.aws.amazon.com/AL2022/ALAS-2022-158.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2022-9988 vom 2022-11-09", "url" : "https://linux.oracle.com/errata/ELSA-2022-9988.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2022-9987 vom 2022-11-08", "url" : "https://linux.oracle.com/errata/ELSA-2022-9987.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:7793 vom 2022-11-08", "url" : "https://access.redhat.com/errata/RHSA-2022:7793" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:6882 vom 2022-11-09", "url" : "https://access.redhat.com/errata/RHSA-2022:6882" }, { "category" : "external", "summary" : "Tenable Security Advisory TNS-2022-26 vom 2022-11-09", "url" : "https://www.tenable.com/security/tns-2022-26" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:8291 vom 2022-11-15", "url" : "https://access.redhat.com/errata/RHSA-2022:8291" }, { "category" : "external", "summary" : "IBM Security Bulletin 6842505 vom 2022-12-01", "url" : "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-operator-and-queue-manager-container-images-are-vulnerable-to-multiple-vulnerabilities-from-expat-sqlite-libxml2-libksba-zlib-and-gnutls/" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:8781 vom 2022-12-08", "url" : "https://access.redhat.com/errata/RHSA-2022:8781" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2022:8841 vom 2022-12-08", "url" : "https://access.redhat.com/errata/RHSA-2022:8841" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS-2022-252 vom 2022-12-09", "url" : "https://alas.aws.amazon.com/AL2022/ALAS-2022-252.html" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS-2022-1650 vom 2022-12-10", "url" : "https://alas.aws.amazon.com/ALAS-2022-1650.html" }, { "category" : "external", "summary" : "Dameware 12.2.4 Release Notes", "url" : "https://documentation.solarwinds.com/en/success_center/dameware/content/release_notes/dameware_12-2-4_release_notes.htm" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2023-1095 vom 2023-03-08", "url" : "http://linux.oracle.com/errata/ELSA-2023-1095.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2023-1095 vom 2023-03-07", "url" : "https://linux.oracle.com/errata/ELSA-2023-1095.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2023:1095 vom 2023-03-07", "url" : "https://access.redhat.com/errata/RHSA-2023:1095" }, { "category" : "external", "summary" : "CentOS Security Advisory CESA-2023:1095 vom 2023-03-08", "url" : "https://lists.centos.org/pipermail/centos-announce/2023-March/086387.html" }, { "category" : "external", "summary" : "Sophos UTM Up2date 9.715 vom 2023-03-13", "url" : "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-715-released" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS2-2023-2074 vom 2023-06-08", "url" : "https://alas.aws.amazon.com/AL2/ALAS-2023-2074.html" }, { "category" : "external", "summary" : "IBM Security Bulletin 6857861 vom 2023-06-27", "url" : "https://www.ibm.com/support/pages/node/6857861" }, { "category" : "external", "summary" : "IBM Security Bulletin 7007815 vom 2023-06-28", "url" : "https://www.ibm.com/support/pages/node/7007815" }, { "category" : "external", "summary" : "IBM Security Bulletin 7008109 vom 2023-06-29", "url" : "https://www.ibm.com/support/pages/node/7008109" }, { "category" : "external", "summary" : "Dell Security Update for Dell NetWorker", "url" : "https://www.dell.com/support/kbdoc/de-de/000215499/dsa-2023-231-security-update-for-dell-networker-zlib-1-2-3" }, { "category" : "external", "summary" : "IBM Security Bulletin 7010099 vom 2023-07-06", "url" : "https://www.ibm.com/support/pages/node/7010099" }, { "category" : "external", "summary" : "IBM Security Bulletin 6985269 vom 2023-07-25", "url" : "https://aix.software.ibm.com/aix/efixes/security/zlib_advisory2.asc" }, { "category" : "external", "summary" : "SolarWinds Platform 2023.3 Release Notes", "url" : "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm" }, { "category" : "external", "summary" : "IBM Security Bulletin 7087162 vom 2023-12-01", "url" : "https://www.ibm.com/support/pages/node/7087162" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:0254 vom 2024-01-16", "url" : "https://access.redhat.com/errata/RHSA-2024:0254" }, { "category" : "external", "summary" : "IBM Security Bulletin 7111596 vom 2024-01-24", "url" : "https://www.ibm.com/support/pages/node/7111596" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-6736-1 vom 2024-04-16", "url" : "https://ubuntu.com/security/notices/USN-6736-1" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-6736-2 vom 2024-05-23", "url" : "https://ubuntu.com/security/notices/USN-6736-2" }, { "category" : "external", "summary" : "IBM Security Bulletin 7167109 vom 2024-09-03", "url" : "https://www.ibm.com/support/pages/node/7167109" }, { "category" : "external", "summary" : "IBM Security Bulletin 7183676 vom 2025-02-27", "url" : "https://www.ibm.com/support/pages/node/7183676" }, { "category" : "external", "summary" : "IBM Security Bulletin 7236343 vom 2025-06-11", "url" : "https://www.ibm.com/support/pages/node/7236343" } ], "source_lang" : "en-US", "title" : "zlib: Schwachstelle ermöglicht nicht spezifizierten Angriff", "tracking" : { "current_release_date" : "2025-06-11T22:00:00.000+00:00", "generator" : { "date" : "2025-06-12T07:23:40.550+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.3.12" } }, "id" : "WID-SEC-W-2022-0929", "initial_release_date" : "2022-08-04T22:00:00.000+00:00", "revision_history" : [ { "date" : "2022-08-04T22:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" }, { "date" : "2022-08-11T22:00:00.000+00:00", "number" : "2", "summary" : "Neue Updates von OpenBSD aufgenommen" }, { "date" : "2022-08-16T22:00:00.000+00:00", "number" : "3", "summary" : "Referenz(en) aufgenommen: FEDORA-2022-25E4DBEDF9, FEDORA-2022-15DA0CF165" }, { "date" : "2022-08-17T22:00:00.000+00:00", "number" : "4", "summary" : "Neue Updates von Ubuntu aufgenommen" }, { "date" : "2022-08-18T22:00:00.000+00:00", "number" : "5", "summary" : "Neue Updates von SUSE und Ubuntu aufgenommen" }, { "date" : "2022-08-25T22:00:00.000+00:00", "number" : "6", "summary" : "Neue Updates von Debian aufgenommen" }, { "date" : "2022-08-30T22:00:00.000+00:00", "number" : "7", "summary" : "Neue Updates von FreeBSD aufgenommen" }, { "date" : "2022-08-31T22:00:00.000+00:00", "number" : "8", "summary" : "Neue Updates von SUSE aufgenommen" }, { "date" : "2022-09-01T22:00:00.000+00:00", "number" : "9", "summary" : "Neue Updates von Fedora und NetApp aufgenommen" }, { "date" : "2022-09-18T22:00:00.000+00:00", "number" : "10", "summary" : "Neue Updates von Siemens aufgenommen" }, { "date" : "2022-09-20T22:00:00.000+00:00", "number" : "11", "summary" : "Neue Updates von Amazon aufgenommen" }, { "date" : "2022-10-13T22:00:00.000+00:00", "number" : "12", "summary" : "Neue Updates von Amazon aufgenommen" }, { "date" : "2022-10-17T22:00:00.000+00:00", "number" : "13", "summary" : "Neue Updates von Ubuntu aufgenommen" }, { "date" : "2022-10-18T22:00:00.000+00:00", "number" : "14", "summary" : "Neue Updates aufgenommen" }, { "date" : "2022-10-25T22:00:00.000+00:00", "number" : "15", "summary" : "Neue Updates von Oracle Linux und Red Hat aufgenommen" }, { "date" : "2022-10-26T22:00:00.000+00:00", "number" : "16", "summary" : "Neue Updates von Tenable aufgenommen" }, { "date" : "2022-10-31T23:00:00.000+00:00", "number" : "17", "summary" : "Neue Updates von Gentoo aufgenommen" }, { "date" : "2022-11-02T23:00:00.000+00:00", "number" : "18", "summary" : "Neue Updates von Red Hat und Oracle Linux aufgenommen" }, { "date" : "2022-11-03T23:00:00.000+00:00", "number" : "19", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2022-11-06T23:00:00.000+00:00", "number" : "20", "summary" : "Neue Updates von Amazon aufgenommen" }, { "date" : "2022-11-08T23:00:00.000+00:00", "number" : "21", "summary" : "Neue Updates von Oracle Linux und Red Hat aufgenommen" }, { "date" : "2022-11-09T23:00:00.000+00:00", "number" : "22", "summary" : "Neue Updates von Red Hat und Tenable aufgenommen" }, { "date" : "2022-11-15T23:00:00.000+00:00", "number" : "23", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2022-11-30T23:00:00.000+00:00", "number" : "24", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2022-12-07T23:00:00.000+00:00", "number" : "25", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2022-12-08T23:00:00.000+00:00", "number" : "26", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2022-12-11T23:00:00.000+00:00", "number" : "27", "summary" : "Neue Updates von Amazon aufgenommen" }, { "date" : "2023-02-14T23:00:00.000+00:00", "number" : "28", "summary" : "Neue Updates aufgenommen" }, { "date" : "2023-03-07T23:00:00.000+00:00", "number" : "29", "summary" : "Neue Updates von Oracle Linux und Red Hat aufgenommen" }, { "date" : "2023-03-08T23:00:00.000+00:00", "number" : "30", "summary" : "Neue Updates von CentOS aufgenommen" }, { "date" : "2023-03-13T23:00:00.000+00:00", "number" : "31", "summary" : "Neue Updates aufgenommen" }, { "date" : "2023-06-08T22:00:00.000+00:00", "number" : "32", "summary" : "Neue Updates von Amazon aufgenommen" }, { "date" : "2023-06-27T22:00:00.000+00:00", "number" : "33", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2023-06-28T22:00:00.000+00:00", "number" : "34", "summary" : "Neue Updates von IBM und IBM-APAR aufgenommen" }, { "date" : "2023-07-04T22:00:00.000+00:00", "number" : "35", "summary" : "Neue Updates von Dell aufgenommen" }, { "date" : "2023-07-06T22:00:00.000+00:00", "number" : "36", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2023-07-25T22:00:00.000+00:00", "number" : "37", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2023-12-03T23:00:00.000+00:00", "number" : "38", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2024-01-15T23:00:00.000+00:00", "number" : "39", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-01-24T23:00:00.000+00:00", "number" : "40", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2024-04-16T22:00:00.000+00:00", "number" : "41", "summary" : "Neue Updates von Ubuntu aufgenommen" }, { "date" : "2024-05-23T22:00:00.000+00:00", "number" : "42", "summary" : "Neue Updates von Ubuntu aufgenommen" }, { "date" : "2024-09-03T22:00:00.000+00:00", "number" : "43", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2025-02-27T23:00:00.000+00:00", "number" : "44", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2025-06-11T22:00:00.000+00:00", "number" : "45", "summary" : "Neue Updates von IBM aufgenommen" } ], "status" : "final", "version" : "45" } }, "product_tree" : { "branches" : [ { "branches" : [ { "category" : "product_name", "name" : "Amazon Linux 2", "product" : { "name" : "Amazon Linux 2", "product_id" : "398363", "product_identification_helper" : { "cpe" : "cpe:/o:amazon:linux_2:-" } } } ], "category" : "vendor", "name" : "Amazon" }, { "branches" : [ { "category" : "product_name", "name" : "Debian Linux", "product" : { "name" : "Debian Linux", "product_id" : "2951", "product_identification_helper" : { "cpe" : "cpe:/o:debian:debian_linux:-" } } } ], "category" : "vendor", "name" : "Debian" }, { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "<19.9.0.1", "product" : { "name" : "Dell NetWorker <19.9.0.1", "product_id" : "T028404" } }, { "category" : "product_version", "name" : "19.9.0.1", "product" : { "name" : "Dell NetWorker 19.9.0.1", "product_id" : "T028404-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:19.9.0.1" } } } ], "category" : "product_name", "name" : "NetWorker" } ], "category" : "vendor", "name" : "Dell" }, { "branches" : [ { "category" : "product_name", "name" : "FreeBSD Project FreeBSD OS", "product" : { "name" : "FreeBSD Project FreeBSD OS", "product_id" : "4035", "product_identification_helper" : { "cpe" : "cpe:/o:freebsd:freebsd:-" } } } ], "category" : "vendor", "name" : "FreeBSD Project" }, { "branches" : [ { "category" : "product_name", "name" : "Gentoo Linux", "product" : { "name" : "Gentoo Linux", "product_id" : "T012167", "product_identification_helper" : { "cpe" : "cpe:/o:gentoo:linux:-" } } } ], "category" : "vendor", "name" : "Gentoo" }, { "branches" : [ { "category" : "product_name", "name" : "IBM AIX", "product" : { "name" : "IBM AIX", "product_id" : "5094", "product_identification_helper" : { "cpe" : "cpe:/o:ibm:aix:-" } } }, { "branches" : [ { "category" : "product_version_range", "name" : "<12.0.4 IF2", "product" : { "name" : "IBM Cognos Analytics <12.0.4 IF2", "product_id" : "T041469" } }, { "category" : "product_version", "name" : "12.0.4 IF2", "product" : { "name" : "IBM Cognos Analytics 12.0.4 IF2", "product_id" : "T041469-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:cognos_analytics:12.0.4_if2" } } }, { "category" : "product_version_range", "name" : "<11.2.4 IF4", "product" : { "name" : "IBM Cognos Analytics <11.2.4 IF4", "product_id" : "T041470" } }, { "category" : "product_version", "name" : "11.2.4 IF4", "product" : { "name" : "IBM Cognos Analytics 11.2.4 IF4", "product_id" : "T041470-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:cognos_analytics:11.2.4_if4" } } } ], "category" : "product_name", "name" : "Cognos Analytics" }, { "branches" : [ { "category" : "product_version", "name" : "11.1", "product" : { "name" : "IBM DB2 11.1", "product_id" : "342000", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:db2:11.1" } } }, { "category" : "product_version", "name" : "11.5", "product" : { "name" : "IBM DB2 11.5", "product_id" : "T015242", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:db2:v11.5" } } }, { "category" : "product_version", "name" : "10.5", "product" : { "name" : "IBM DB2 10.5", "product_id" : "T015244", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:db2:v10.5" } } } ], "category" : "product_name", "name" : "DB2" }, { "branches" : [ { "category" : "product_version_range", "name" : "<10.5.0.17", "product" : { "name" : "IBM DataPower Gateway <10.5.0.17", "product_id" : "T043377" } }, { "category" : "product_version", "name" : "10.5.0.17", "product" : { "name" : "IBM DataPower Gateway 10.5.0.17", "product_id" : "T043377-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:datapower_gateway:10.5.0.17" } } }, { "category" : "product_version_range", "name" : "<10.6.0.5", "product" : { "name" : "IBM DataPower Gateway <10.6.0.5", "product_id" : "T043378" } }, { "category" : "product_version", "name" : "10.6.0.5", "product" : { "name" : "IBM DataPower Gateway 10.6.0.5", "product_id" : "T043378-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:datapower_gateway:10.6.0.5" } } }, { "category" : "product_version_range", "name" : "<10.6.4.0", "product" : { "name" : "IBM DataPower Gateway <10.6.4.0", "product_id" : "T044528" } }, { "category" : "product_version", "name" : "10.6.4.0", "product" : { "name" : "IBM DataPower Gateway 10.6.4.0", "product_id" : "T044528-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:datapower_gateway:10.6.4.0" } } } ], "category" : "product_name", "name" : "DataPower Gateway" }, { "branches" : [ { "category" : "product_version", "name" : "5.5.4", "product" : { "name" : "IBM FileNet Content Manager 5.5.4", "product_id" : "782758", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:filenet_content_manager:5.5.4" } } }, { "category" : "product_version", "name" : "5.5.8", "product" : { "name" : "IBM FileNet Content Manager 5.5.8", "product_id" : "T024608", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:filenet_content_manager:5.5.8" } } }, { "category" : "product_version", "name" : "5.5.9", "product" : { "name" : "IBM FileNet Content Manager 5.5.9", "product_id" : "T024609", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:filenet_content_manager:5.5.9" } } }, { "category" : "product_name", "name" : "IBM FileNet Content Manager", "product" : { "name" : "IBM FileNet Content Manager", "product_id" : "T025993", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:filenet_content_manager:-" } } }, { "category" : "product_version", "name" : "5.5.10", "product" : { "name" : "IBM FileNet Content Manager 5.5.10", "product_id" : "T028340", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:filenet_content_manager:5.5.10" } } } ], "category" : "product_name", "name" : "FileNet Content Manager" }, { "category" : "product_name", "name" : "IBM MQ", "product" : { "name" : "IBM MQ", "product_id" : "T021398", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:mq:-" } } }, { "branches" : [ { "category" : "product_version", "name" : "7.5", "product" : { "name" : "IBM QRadar SIEM 7.5", "product_id" : "T022954", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:qradar_siem:7.5" } } } ], "category" : "product_name", "name" : "QRadar SIEM" }, { "category" : "product_name", "name" : "IBM Security Guardium", "product" : { "name" : "IBM Security Guardium", "product_id" : "T021345", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:security_guardium:-" } } }, { "branches" : [ { "category" : "product_version", "name" : "6.2.0", "product" : { "name" : "IBM Tivoli Business Service Manager 6.2.0", "product_id" : "T014092", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:tivoli_business_service_manager:6.2.0" } } } ], "category" : "product_name", "name" : "Tivoli Business Service Manager" } ], "category" : "vendor", "name" : "IBM" }, { "branches" : [ { "category" : "product_name", "name" : "NetApp ActiveIQ Unified Manager", "product" : { "name" : "NetApp ActiveIQ Unified Manager", "product_id" : "T016960", "product_identification_helper" : { "cpe" : "cpe:/a:netapp:active_iq_unified_manager:-" } } }, { "category" : "product_name", "name" : "NetApp StorageGRID", "product" : { "name" : "NetApp StorageGRID", "product_id" : "920206", "product_identification_helper" : { "cpe" : "cpe:/a:netapp:storagegrid:-" } } } ], "category" : "vendor", "name" : "NetApp" }, { "branches" : [ { "category" : "product_name", "name" : "Open Source CentOS", "product" : { "name" : "Open Source CentOS", "product_id" : "1727", "product_identification_helper" : { "cpe" : "cpe:/o:centos:centos:-" } } }, { "branches" : [ { "category" : "product_version", "name" : "0.103.7", "product" : { "name" : "Open Source ClamAV 0.103.7", "product_id" : "1204990", "product_identification_helper" : { "cpe" : "cpe:/a:clamav:clamav:0.103.7::~~lts~~~" } } }, { "category" : "product_version", "name" : "0.104.4", "product" : { "name" : "Open Source ClamAV 0.104.4", "product_id" : "T025164", "product_identification_helper" : { "cpe" : "cpe:/a:clamav:clamav:0.104.4" } } }, { "category" : "product_version", "name" : "0.105.1", "product" : { "name" : "Open Source ClamAV 0.105.1", "product_id" : "T025165", "product_identification_helper" : { "cpe" : "cpe:/a:clamav:clamav:0.105.1" } } } ], "category" : "product_name", "name" : "ClamAV" }, { "branches" : [ { "category" : "product_version_range", "name" : "<=1.2.12", "product" : { "name" : "Open Source zlib <=1.2.12", "product_id" : "T022501" } }, { "category" : "product_version_range", "name" : "<=1.2.12", "product" : { "name" : "Open Source zlib <=1.2.12", "product_id" : "T022501-fixed" } } ], "category" : "product_name", "name" : "zlib" } ], "category" : "vendor", "name" : "Open Source" }, { "branches" : [ { "category" : "product_name", "name" : "OpenBSD OpenBSD", "product" : { "name" : "OpenBSD OpenBSD", "product_id" : "T024283", "product_identification_helper" : { "cpe" : "cpe:/a:openbsd:openbsd:-" } } } ], "category" : "vendor", "name" : "OpenBSD" }, { "branches" : [ { "category" : "product_name", "name" : "Oracle Linux", "product" : { "name" : "Oracle Linux", "product_id" : "T004914", "product_identification_helper" : { "cpe" : "cpe:/o:oracle:linux:-" } } }, { "category" : "product_name", "name" : "Oracle Solaris", "product" : { "name" : "Oracle Solaris", "product_id" : "T002965", "product_identification_helper" : { "cpe" : "cpe:/a:oracle:solaris:-" } } } ], "category" : "vendor", "name" : "Oracle" }, { "branches" : [ { "category" : "product_name", "name" : "Red Hat Enterprise Linux", "product" : { "name" : "Red Hat Enterprise Linux", "product_id" : "67646", "product_identification_helper" : { "cpe" : "cpe:/o:redhat:enterprise_linux:-" } } }, { "category" : "product_name", "name" : "Red Hat OpenShift", "product" : { "name" : "Red Hat OpenShift", "product_id" : "T008027", "product_identification_helper" : { "cpe" : "cpe:/a:redhat:openshift:-" } } } ], "category" : "vendor", "name" : "Red Hat" }, { "branches" : [ { "category" : "product_name", "name" : "SUSE Linux", "product" : { "name" : "SUSE Linux", "product_id" : "T002207", "product_identification_helper" : { "cpe" : "cpe:/o:suse:suse_linux:-" } } } ], "category" : "vendor", "name" : "SUSE" }, { "branches" : [ { "branches" : [ { "category" : "product_version", "name" : "1500", "product" : { "name" : "Siemens SIMATIC S7 1500", "product_id" : "T019436", "product_identification_helper" : { "cpe" : "cpe:/h:siemens:simatic_s7:1500" } } } ], "category" : "product_name", "name" : "SIMATIC S7" } ], "category" : "vendor", "name" : "Siemens" }, { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "<12.2.4", "product" : { "name" : "SolarWinds Dameware <12.2.4", "product_id" : "T026371" } }, { "category" : "product_version", "name" : "12.2.4", "product" : { "name" : "SolarWinds Dameware 12.2.4", "product_id" : "T026371-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:solarwinds:dameware:12.2.4" } } } ], "category" : "product_name", "name" : "Dameware" }, { "branches" : [ { "category" : "product_version_range", "name" : "<2023.3", "product" : { "name" : "SolarWinds Platform <2023.3", "product_id" : "T028897" } }, { "category" : "product_version", "name" : "2023.3", "product" : { "name" : "SolarWinds Platform 2023.3", "product_id" : "T028897-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:solarwinds:orion_platform:2023.3" } } } ], "category" : "product_name", "name" : "Platform" } ], "category" : "vendor", "name" : "SolarWinds" }, { "branches" : [ { "branches" : [ { "category" : "product_version", "name" : "9.7 MR15", "product" : { "name" : "Sophos Unified Threat Management (UTM) Software 9.7 MR15", "product_id" : "T026721", "product_identification_helper" : { "cpe" : "cpe:/a:sophos:unified_threat_management_software:9.7_mr15" } } } ], "category" : "product_name", "name" : "Unified Threat Management (UTM) Software" } ], "category" : "vendor", "name" : "Sophos" }, { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "<10.3.1", "product" : { "name" : "Tenable Security Nessus <10.3.1", "product_id" : "T025130" } }, { "category" : "product_version", "name" : "10.3.1", "product" : { "name" : "Tenable Security Nessus 10.3.1", "product_id" : "T025130-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:tenable:nessus:10.3.1" } } }, { "category" : "product_version_range", "name" : "<8.15.7", "product" : { "name" : "Tenable Security Nessus <8.15.7", "product_id" : "T025285" } }, { "category" : "product_version", "name" : "8.15.7", "product" : { "name" : "Tenable Security Nessus 8.15.7", "product_id" : "T025285-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:tenable:nessus:8.15.7" } } } ], "category" : "product_name", "name" : "Nessus" } ], "category" : "vendor", "name" : "Tenable Security" }, { "branches" : [ { "category" : "product_name", "name" : "Ubuntu Linux", "product" : { "name" : "Ubuntu Linux", "product_id" : "T000126", "product_identification_helper" : { "cpe" : "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category" : "vendor", "name" : "Ubuntu" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2022-37434", "product_status" : { "known_affected" : [ "T024283", "T025130", "T028340", "67646", "4035", "T004914", "T015244", "782758", "T015242", "T019436", "T014092", "T026721", "T028404", "T025993", "T041469", "398363", "T021398", "T026371", "T008027", "342000", "T002965", "T012167", "1204990", "T024609", "T016960", "T024608", "5094", "T022954", "T043377", "T043378", "T021345", "T041470", "2951", "T002207", "T000126", "T044528", "920206", "T028897", "1727", "T025165", "T025164", "T025285" ], "last_affected" : [ "T022501" ] }, "release_date" : "2022-08-04T22:00:00.000+00:00", "title" : "CVE-2022-37434" } ] }