{
  "GSD": {
    "alias": "CVE-2019-15161",
    "description": "rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.",
    "id": "GSD-2019-15161",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-15161.html",
      "https://advisories.mageia.org/CVE-2019-15161.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-15161"
      ],
      "details": "rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.",
      "id": "GSD-2019-15161",
      "modified": "2023-12-13T01:23:38.709218Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2019-15161",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.tcpdump.org/public-cve-list.txt",
            "refsource": "CONFIRM",
            "url": "https://www.tcpdump.org/public-cve-list.txt"
          },
          {
            "name": "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES",
            "refsource": "CONFIRM",
            "url": "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES"
          },
          {
            "name": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea",
            "refsource": "CONFIRM",
            "url": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea"
          },
          {
            "name": "FEDORA-2019-eaa681d33e",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
          },
          {
            "name": "FEDORA-2019-4fe461079f",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
          },
          {
            "name": "FEDORA-2019-b92ce3144a",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
          },
          {
            "name": "https://support.apple.com/kb/HT210788",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT210788"
          },
          {
            "name": "https://support.apple.com/kb/HT210790",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT210790"
          },
          {
            "name": "https://support.apple.com/kb/HT210785",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT210785"
          },
          {
            "name": "https://support.apple.com/kb/HT210789",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT210789"
          },
          {
            "name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/Dec/23"
          },
          {
            "name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2019/Dec/26"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:tcpdump:libpcap:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.9.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15161"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-131"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES",
              "refsource": "CONFIRM",
              "tags": [
                "Product",
                "Release Notes"
              ],
              "url": "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES"
            },
            {
              "name": "https://www.tcpdump.org/public-cve-list.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.tcpdump.org/public-cve-list.txt"
            },
            {
              "name": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea"
            },
            {
              "name": "FEDORA-2019-4fe461079f",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
            },
            {
              "name": "FEDORA-2019-eaa681d33e",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
            },
            {
              "name": "FEDORA-2019-b92ce3144a",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
            },
            {
              "name": "https://support.apple.com/kb/HT210788",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/kb/HT210788"
            },
            {
              "name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "https://seclists.org/bugtraq/2019/Dec/23"
            },
            {
              "name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://seclists.org/fulldisclosure/2019/Dec/26"
            },
            {
              "name": "https://support.apple.com/kb/HT210790",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/kb/HT210790"
            },
            {
              "name": "https://support.apple.com/kb/HT210789",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/kb/HT210789"
            },
            {
              "name": "https://support.apple.com/kb/HT210785",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/kb/HT210785"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2020-08-24T17:37Z",
      "publishedDate": "2019-10-03T19:15Z"
    }
  }
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libpcap-devel-1.10.1-1.2 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libpcap-devel-1.10.1-1.2 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10969",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10969-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16301 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16301/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-15161 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-15161/"
      }
    ],
    "title": "libpcap-devel-1.10.1-1.2 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10969-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcap-devel-1.10.1-1.2.aarch64",
                "product": {
                  "name": "libpcap-devel-1.10.1-1.2.aarch64",
                  "product_id": "libpcap-devel-1.10.1-1.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-32bit-1.10.1-1.2.aarch64",
                "product": {
                  "name": "libpcap-devel-32bit-1.10.1-1.2.aarch64",
                  "product_id": "libpcap-devel-32bit-1.10.1-1.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-static-1.10.1-1.2.aarch64",
                "product": {
                  "name": "libpcap-devel-static-1.10.1-1.2.aarch64",
                  "product_id": "libpcap-devel-static-1.10.1-1.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-1.10.1-1.2.aarch64",
                "product": {
                  "name": "libpcap1-1.10.1-1.2.aarch64",
                  "product_id": "libpcap1-1.10.1-1.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-32bit-1.10.1-1.2.aarch64",
                "product": {
                  "name": "libpcap1-32bit-1.10.1-1.2.aarch64",
                  "product_id": "libpcap1-32bit-1.10.1-1.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcap-devel-1.10.1-1.2.ppc64le",
                "product": {
                  "name": "libpcap-devel-1.10.1-1.2.ppc64le",
                  "product_id": "libpcap-devel-1.10.1-1.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-32bit-1.10.1-1.2.ppc64le",
                "product": {
                  "name": "libpcap-devel-32bit-1.10.1-1.2.ppc64le",
                  "product_id": "libpcap-devel-32bit-1.10.1-1.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-static-1.10.1-1.2.ppc64le",
                "product": {
                  "name": "libpcap-devel-static-1.10.1-1.2.ppc64le",
                  "product_id": "libpcap-devel-static-1.10.1-1.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-1.10.1-1.2.ppc64le",
                "product": {
                  "name": "libpcap1-1.10.1-1.2.ppc64le",
                  "product_id": "libpcap1-1.10.1-1.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-32bit-1.10.1-1.2.ppc64le",
                "product": {
                  "name": "libpcap1-32bit-1.10.1-1.2.ppc64le",
                  "product_id": "libpcap1-32bit-1.10.1-1.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcap-devel-1.10.1-1.2.s390x",
                "product": {
                  "name": "libpcap-devel-1.10.1-1.2.s390x",
                  "product_id": "libpcap-devel-1.10.1-1.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-32bit-1.10.1-1.2.s390x",
                "product": {
                  "name": "libpcap-devel-32bit-1.10.1-1.2.s390x",
                  "product_id": "libpcap-devel-32bit-1.10.1-1.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-static-1.10.1-1.2.s390x",
                "product": {
                  "name": "libpcap-devel-static-1.10.1-1.2.s390x",
                  "product_id": "libpcap-devel-static-1.10.1-1.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-1.10.1-1.2.s390x",
                "product": {
                  "name": "libpcap1-1.10.1-1.2.s390x",
                  "product_id": "libpcap1-1.10.1-1.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-32bit-1.10.1-1.2.s390x",
                "product": {
                  "name": "libpcap1-32bit-1.10.1-1.2.s390x",
                  "product_id": "libpcap1-32bit-1.10.1-1.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcap-devel-1.10.1-1.2.x86_64",
                "product": {
                  "name": "libpcap-devel-1.10.1-1.2.x86_64",
                  "product_id": "libpcap-devel-1.10.1-1.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-32bit-1.10.1-1.2.x86_64",
                "product": {
                  "name": "libpcap-devel-32bit-1.10.1-1.2.x86_64",
                  "product_id": "libpcap-devel-32bit-1.10.1-1.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap-devel-static-1.10.1-1.2.x86_64",
                "product": {
                  "name": "libpcap-devel-static-1.10.1-1.2.x86_64",
                  "product_id": "libpcap-devel-static-1.10.1-1.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-1.10.1-1.2.x86_64",
                "product": {
                  "name": "libpcap1-1.10.1-1.2.x86_64",
                  "product_id": "libpcap1-1.10.1-1.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcap1-32bit-1.10.1-1.2.x86_64",
                "product": {
                  "name": "libpcap1-32bit-1.10.1-1.2.x86_64",
                  "product_id": "libpcap1-32bit-1.10.1-1.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-1.10.1-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.aarch64"
        },
        "product_reference": "libpcap-devel-1.10.1-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-1.10.1-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.ppc64le"
        },
        "product_reference": "libpcap-devel-1.10.1-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-1.10.1-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.s390x"
        },
        "product_reference": "libpcap-devel-1.10.1-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-1.10.1-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.x86_64"
        },
        "product_reference": "libpcap-devel-1.10.1-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-32bit-1.10.1-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.aarch64"
        },
        "product_reference": "libpcap-devel-32bit-1.10.1-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-32bit-1.10.1-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.ppc64le"
        },
        "product_reference": "libpcap-devel-32bit-1.10.1-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-32bit-1.10.1-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.s390x"
        },
        "product_reference": "libpcap-devel-32bit-1.10.1-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-32bit-1.10.1-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.x86_64"
        },
        "product_reference": "libpcap-devel-32bit-1.10.1-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-static-1.10.1-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.aarch64"
        },
        "product_reference": "libpcap-devel-static-1.10.1-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-static-1.10.1-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.ppc64le"
        },
        "product_reference": "libpcap-devel-static-1.10.1-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-static-1.10.1-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.s390x"
        },
        "product_reference": "libpcap-devel-static-1.10.1-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap-devel-static-1.10.1-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.x86_64"
        },
        "product_reference": "libpcap-devel-static-1.10.1-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-1.10.1-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.aarch64"
        },
        "product_reference": "libpcap1-1.10.1-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-1.10.1-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.ppc64le"
        },
        "product_reference": "libpcap1-1.10.1-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-1.10.1-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.s390x"
        },
        "product_reference": "libpcap1-1.10.1-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-1.10.1-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.x86_64"
        },
        "product_reference": "libpcap1-1.10.1-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-32bit-1.10.1-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.aarch64"
        },
        "product_reference": "libpcap1-32bit-1.10.1-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-32bit-1.10.1-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.ppc64le"
        },
        "product_reference": "libpcap1-32bit-1.10.1-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-32bit-1.10.1-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.s390x"
        },
        "product_reference": "libpcap1-32bit-1.10.1-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcap1-32bit-1.10.1-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.x86_64"
        },
        "product_reference": "libpcap1-32bit-1.10.1-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-16301",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16301"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16301",
          "url": "https://www.suse.com/security/cve/CVE-2018-16301"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1153098 for CVE-2018-16301",
          "url": "https://bugzilla.suse.com/1153098"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1153332 for CVE-2018-16301",
          "url": "https://bugzilla.suse.com/1153332"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195825 for CVE-2018-16301",
          "url": "https://bugzilla.suse.com/1195825"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-16301"
    },
    {
      "cve": "CVE-2019-15161",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-15161"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.x86_64",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.aarch64",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.ppc64le",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.s390x",
          "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-15161",
          "url": "https://www.suse.com/security/cve/CVE-2019-15161"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1153332 for CVE-2019-15161",
          "url": "https://bugzilla.suse.com/1153332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-32bit-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap-devel-static-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-1.10.1-1.2.x86_64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.aarch64",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.ppc64le",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.s390x",
            "openSUSE Tumbleweed:libpcap1-32bit-1.10.1-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-15161"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tcpdump:libpcap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11619557-69F9-455F-ADAA-86AC753BBC9C",
              "versionEndExcluding": "1.9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request."
    },
    {
      "lang": "es",
      "value": "El archivo rpcapd/daemon.c en libpcap versiones anteriores a 1.9.1, maneja inapropiadamente ciertos valores de longitud debido a la reutilizaci\u00f3n de una variable. Esto puede abrir un vector de ataque involucrando datos adicionales al final de una petici\u00f3n."
    }
  ],
  "id": "CVE-2019-15161",
  "lastModified": "2024-11-21T04:28:10.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-03T19:15:09.240",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2019/Dec/26"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://seclists.org/bugtraq/2019/Dec/23"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.apple.com/kb/HT210785"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.apple.com/kb/HT210788"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.apple.com/kb/HT210789"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.apple.com/kb/HT210790"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.tcpdump.org/public-cve-list.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2019/Dec/26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://seclists.org/bugtraq/2019/Dec/23"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/kb/HT210785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/kb/HT210788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/kb/HT210789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/kb/HT210790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.tcpdump.org/public-cve-list.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-131"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iOS versions 13.x ant\u00e9rieures \u00e0 13.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Xcode versions ant\u00e9rieures \u00e0 11.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions 5.x ant\u00e9rieures \u00e0 5.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mojave sans le correctif de s\u00e9curit\u00e9 2019-002",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions 6.x ant\u00e9rieures \u00e0 6.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 13.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "High Sierra sans le correctif de s\u00e9curit\u00e9 2019-007",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 13.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 13.0.4",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Catalina versions ant\u00e9rieures \u00e0 10.15.2",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions 12.x ant\u00e9rieures \u00e0 12.4.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-14463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14463"
    },
    {
      "name": "CVE-2019-8847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8847"
    },
    {
      "name": "CVE-2018-14468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14468"
    },
    {
      "name": "CVE-2018-16451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16451"
    },
    {
      "name": "CVE-2015-1545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1545"
    },
    {
      "name": "CVE-2012-2668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2668"
    },
    {
      "name": "CVE-2012-1164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1164"
    },
    {
      "name": "CVE-2018-14881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14881"
    },
    {
      "name": "CVE-2017-16808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16808"
    },
    {
      "name": "CVE-2019-13057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13057"
    },
    {
      "name": "CVE-2019-8840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8840"
    },
    {
      "name": "CVE-2019-8835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8835"
    },
    {
      "name": "CVE-2018-16227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16227"
    },
    {
      "name": "CVE-2019-15165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15165"
    },
    {
      "name": "CVE-2019-8832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8832"
    },
    {
      "name": "CVE-2019-8844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8844"
    },
    {
      "name": "CVE-2019-8857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8857"
    },
    {
      "name": "CVE-2019-8841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8841"
    },
    {
      "name": "CVE-2019-8837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8837"
    },
    {
      "name": "CVE-2018-16228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16228"
    },
    {
      "name": "CVE-2019-15164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15164"
    },
    {
      "name": "CVE-2019-8852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8852"
    },
    {
      "name": "CVE-2019-8839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8839"
    },
    {
      "name": "CVE-2018-14465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14465"
    },
    {
      "name": "CVE-2019-15162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15162"
    },
    {
      "name": "CVE-2018-10103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10103"
    },
    {
      "name": "CVE-2018-14880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14880"
    },
    {
      "name": "CVE-2019-15161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15161"
    },
    {
      "name": "CVE-2018-14470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14470"
    },
    {
      "name": "CVE-2019-8856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8856"
    },
    {
      "name": "CVE-2018-14469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14469"
    },
    {
      "name": "CVE-2018-14879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14879"
    },
    {
      "name": "CVE-2019-8853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8853"
    },
    {
      "name": "CVE-2013-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4449"
    },
    {
      "name": "CVE-2018-10105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10105"
    },
    {
      "name": "CVE-2018-14466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14466"
    },
    {
      "name": "CVE-2019-8830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8830"
    },
    {
      "name": "CVE-2019-8833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8833"
    },
    {
      "name": "CVE-2019-15163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15163"
    },
    {
      "name": "CVE-2018-16301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16301"
    },
    {
      "name": "CVE-2018-16230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16230"
    },
    {
      "name": "CVE-2018-16452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16452"
    },
    {
      "name": "CVE-2019-8848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8848"
    },
    {
      "name": "CVE-2019-8842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8842"
    },
    {
      "name": "CVE-2018-14464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14464"
    },
    {
      "name": "CVE-2018-14462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14462"
    },
    {
      "name": "CVE-2019-8838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8838"
    },
    {
      "name": "CVE-2019-15166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15166"
    },
    {
      "name": "CVE-2018-14461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14461"
    },
    {
      "name": "CVE-2019-8828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8828"
    },
    {
      "name": "CVE-2018-14467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14467"
    },
    {
      "name": "CVE-2019-13565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
    },
    {
      "name": "CVE-2019-8846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8846"
    },
    {
      "name": "CVE-2018-14882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14882"
    },
    {
      "name": "CVE-2019-15167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15167"
    },
    {
      "name": "CVE-2019-15903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
    },
    {
      "name": "CVE-2018-16229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16229"
    },
    {
      "name": "CVE-2018-16300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16300"
    },
    {
      "name": "CVE-2019-8836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8836"
    }
  ],
  "initial_release_date": "2019-12-11T00:00:00",
  "last_revision_date": "2019-12-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-620",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-12-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210792 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210792"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210789 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210789"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210787 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210787"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210785 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210785"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210796 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210796"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210791 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210791"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210790 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210790"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210788 du 10 d\u00e9cembre 2019",
      "url": "https://support.apple.com/en-us/HT210788"
    }
  ]
}

{
  "affected": [],
  "aliases": [
    "CVE-2019-15161"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-03T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.",
  "id": "GHSA-mpx8-phwc-v8wq",
  "modified": "2022-05-24T16:57:48Z",
  "published": "2022-05-24T16:57:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15161"
    },
    {
      "type": "WEB",
      "url": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea"
    },
    {
      "type": "WEB",
      "url": "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Dec/23"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT210785"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT210788"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT210789"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT210790"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.tcpdump.org/public-cve-list.txt"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Dec/26"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}