Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

Published

2005-12-31T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-189

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	easy_software_products	cups	1.1.22	Yes
Application	easy_software_products	cups	1.1.22_rc1	Yes
Application	easy_software_products	cups	1.1.23	Yes
Application	easy_software_products	cups	1.1.23_rc1	Yes
Application	kde	kdegraphics	3.2	Yes
Application	kde	kdegraphics	3.4.3	Yes
Application	kde	koffice	1.4	Yes
Application	kde	koffice	1.4.1	Yes
Application	kde	koffice	1.4.2	Yes
Application	kde	kpdf	3.2	Yes
Application	kde	kpdf	3.4.3	Yes
Application	kde	kword	1.4.2	Yes
Application	libextractor	libextractor	*	Yes
Application	poppler	poppler	0.4.2	Yes
Application	sgi	propack	3.0	Yes
Application	tetex	tetex	1.0.7	Yes
Application	tetex	tetex	2.0	Yes
Application	tetex	tetex	2.0.1	Yes
Application	tetex	tetex	2.0.2	Yes
Application	tetex	tetex	3.0	Yes
Application	xpdf	xpdf	3.0	Yes
Operating System	conectiva	linux	10.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	3.1	Yes
Operating System	gentoo	linux	*	Yes
Operating System	mandrakesoft	mandrake_linux	10.1	Yes
Operating System	mandrakesoft	mandrake_linux	10.1	Yes
Operating System	mandrakesoft	mandrake_linux	10.2	Yes
Operating System	mandrakesoft	mandrake_linux	10.2	Yes
Operating System	mandrakesoft	mandrake_linux	2006	Yes
Operating System	mandrakesoft	mandrake_linux	2006	Yes
Operating System	mandrakesoft	mandrake_linux_corporate_server	2.1	Yes
Operating System	mandrakesoft	mandrake_linux_corporate_server	2.1	Yes
Operating System	mandrakesoft	mandrake_linux_corporate_server	3.0	Yes
Operating System	mandrakesoft	mandrake_linux_corporate_server	3.0	Yes
Operating System	redhat	enterprise_linux	2.1	Yes
Operating System	redhat	enterprise_linux	2.1	Yes
Operating System	redhat	enterprise_linux	2.1	Yes
Operating System	redhat	enterprise_linux	2.1	Yes
Operating System	redhat	enterprise_linux	2.1	Yes
Operating System	redhat	enterprise_linux	2.1	Yes
Operating System	redhat	enterprise_linux	3.0	Yes
Operating System	redhat	enterprise_linux	3.0	Yes
Operating System	redhat	enterprise_linux	3.0	Yes
Operating System	redhat	enterprise_linux	4.0	Yes
Operating System	redhat	enterprise_linux	4.0	Yes
Operating System	redhat	enterprise_linux	4.0	Yes
Operating System	redhat	enterprise_linux_desktop	3.0	Yes
Operating System	redhat	enterprise_linux_desktop	4.0	Yes
Operating System	redhat	fedora_core	core_1.0	Yes
Operating System	redhat	fedora_core	core_2.0	Yes
Operating System	redhat	fedora_core	core_3.0	Yes
Operating System	redhat	fedora_core	core_4.0	Yes
Operating System	redhat	linux	7.3	Yes
Operating System	redhat	linux	9.0	Yes
Operating System	redhat	linux_advanced_workstation	2.1	Yes
Operating System	redhat	linux_advanced_workstation	2.1	Yes
Operating System	sco	openserver	5.0.7	Yes
Operating System	sco	openserver	6.0	Yes
Operating System	slackware	slackware_linux	9.0	Yes
Operating System	slackware	slackware_linux	9.1	Yes
Operating System	slackware	slackware_linux	10.0	Yes
Operating System	slackware	slackware_linux	10.1	Yes
Operating System	slackware	slackware_linux	10.2	Yes
Operating System	suse	suse_linux	1.0	Yes
Operating System	suse	suse_linux	9.0	Yes
Operating System	suse	suse_linux	9.0	Yes
Operating System	suse	suse_linux	9.0	Yes
Operating System	suse	suse_linux	9.0	Yes
Operating System	suse	suse_linux	9.0	Yes
Operating System	suse	suse_linux	9.1	Yes
Operating System	suse	suse_linux	9.1	Yes
Operating System	suse	suse_linux	9.1	Yes
Operating System	suse	suse_linux	9.2	Yes
Operating System	suse	suse_linux	9.2	Yes
Operating System	suse	suse_linux	9.2	Yes
Operating System	suse	suse_linux	9.3	Yes
Operating System	suse	suse_linux	9.3	Yes
Operating System	suse	suse_linux	9.3	Yes
Operating System	suse	suse_linux	10.0	Yes
Operating System	suse	suse_linux	10.0	Yes
Operating System	trustix	secure_linux	2.0	Yes
Operating System	trustix	secure_linux	2.2	Yes
Operating System	trustix	secure_linux	3.0	Yes
Operating System	turbolinux	turbolinux	10	Yes
Operating System	turbolinux	turbolinux	fuji	Yes
Operating System	turbolinux	turbolinux_appliance_server	1.0_hosting_edition	Yes
Operating System	turbolinux	turbolinux_appliance_server	1.0_workgroup_edition	Yes
Operating System	turbolinux	turbolinux_desktop	10.0	Yes
Operating System	turbolinux	turbolinux_home	*	Yes
Operating System	turbolinux	turbolinux_multimedia	*	Yes
Operating System	turbolinux	turbolinux_personal	*	Yes
Operating System	turbolinux	turbolinux_server	8.0	Yes
Operating System	turbolinux	turbolinux_server	10.0	Yes
Operating System	turbolinux	turbolinux_server	10.0_x86	Yes
Operating System	turbolinux	turbolinux_workstation	8.0	Yes
Operating System	ubuntu	ubuntu_linux	4.1	Yes
Operating System	ubuntu	ubuntu_linux	4.1	Yes
Operating System	ubuntu	ubuntu_linux	5.04	Yes
Operating System	ubuntu	ubuntu_linux	5.04	Yes
Operating System	ubuntu	ubuntu_linux	5.04	Yes
Operating System	ubuntu	ubuntu_linux	5.10	Yes
Operating System	ubuntu	ubuntu_linux	5.10	Yes
Operating System	ubuntu	ubuntu_linux	5.10	Yes

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U ([email protected])
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html Patch ([email protected])
http://rhn.redhat.com/errata/RHSA-2006-0177.html Patch, Vendor Advisory ([email protected])
http://scary.beasts.org/security/CESA-2005-003.txt Exploit, Vendor Advisory ([email protected])
http://secunia.com/advisories/18147 ([email protected])
http://secunia.com/advisories/18303 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18312 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18313 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18329 Vendor Advisory ([email protected])
http://secunia.com/advisories/18332 Vendor Advisory ([email protected])
http://secunia.com/advisories/18334 ([email protected])
http://secunia.com/advisories/18338 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18349 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18373 ([email protected])
http://secunia.com/advisories/18375 Vendor Advisory ([email protected])
http://secunia.com/advisories/18380 ([email protected])
http://secunia.com/advisories/18385 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18387 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18389 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18398 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18407 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18414 ([email protected])
http://secunia.com/advisories/18416 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18423 Vendor Advisory ([email protected])
http://secunia.com/advisories/18425 ([email protected])
http://secunia.com/advisories/18428 ([email protected])
http://secunia.com/advisories/18436 ([email protected])
http://secunia.com/advisories/18448 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18463 ([email protected])
http://secunia.com/advisories/18517 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18534 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18554 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18582 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/18642 Vendor Advisory ([email protected])
http://secunia.com/advisories/18644 Vendor Advisory ([email protected])
http://secunia.com/advisories/18674 Vendor Advisory ([email protected])
http://secunia.com/advisories/18675 Vendor Advisory ([email protected])
http://secunia.com/advisories/18679 Vendor Advisory ([email protected])
http://secunia.com/advisories/18908 ([email protected])
http://secunia.com/advisories/18913 Vendor Advisory ([email protected])
http://secunia.com/advisories/19230 ([email protected])
http://secunia.com/advisories/19377 ([email protected])
http://secunia.com/advisories/25729 ([email protected])
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 ([email protected])
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 ([email protected])
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 ([email protected])
http://www.debian.org/security/2005/dsa-931 ([email protected])
http://www.debian.org/security/2005/dsa-932 ([email protected])
http://www.debian.org/security/2005/dsa-937 ([email protected])
http://www.debian.org/security/2005/dsa-938 ([email protected])
http://www.debian.org/security/2005/dsa-940 ([email protected])
http://www.debian.org/security/2006/dsa-936 Patch, Vendor Advisory ([email protected])
http://www.debian.org/security/2006/dsa-950 Patch, Vendor Advisory ([email protected])
http://www.debian.org/security/2006/dsa-961 Patch, Vendor Advisory ([email protected])
http://www.debian.org/security/2006/dsa-962 Patch, Vendor Advisory ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml Patch, Vendor Advisory ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml Patch, Vendor Advisory ([email protected])
http://www.kde.org/info/security/advisory-20051207-2.txt Patch, Vendor Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 ([email protected])
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html ([email protected])
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0160.html Patch, Vendor Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0163.html ([email protected])
http://www.securityfocus.com/archive/1/427053/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/427990/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/16143 Patch ([email protected])
http://www.trustix.org/errata/2006/0002/ ([email protected])
http://www.vupen.com/english/advisories/2006/0047 ([email protected])
http://www.vupen.com/english/advisories/2007/2280 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/24022 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437 ([email protected])
https://usn.ubuntu.com/236-1/ ([email protected])
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt (af854a3a-2127-422b-91ae-364da2661108)
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U (af854a3a-2127-422b-91ae-364da2661108)
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U (af854a3a-2127-422b-91ae-364da2661108)
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U (af854a3a-2127-422b-91ae-364da2661108)
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0177.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://scary.beasts.org/security/CESA-2005-003.txt Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18147 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18303 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18312 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18313 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18329 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18332 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18334 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18338 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18349 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18373 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18375 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18380 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18385 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18387 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18389 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18398 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18407 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18414 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18416 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18423 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18425 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18428 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18436 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18448 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18463 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18517 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18534 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18554 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18582 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18642 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18644 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18674 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18675 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18679 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18908 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18913 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/19230 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/19377 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25729 (af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 (af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 (af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-931 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-932 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-937 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-938 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-940 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-936 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-950 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-961 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-962 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.kde.org/info/security/advisory-20051207-2.txt Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0160.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0163.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/427053/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/427990/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/16143 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.trustix.org/errata/2006/0002/ (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/0047 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/2280 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24022 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437 (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/236-1/ (af854a3a-2127-422b-91ae-364da2661108)