Linux Enterprise Server

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-14	CVE-2018-16874	In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). network high complexity golang opensuse suse debian	8.1
2018-12-14	CVE-2018-16873	In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. network high complexity golang opensuse suse debian	8.1
2018-11-26	CVE-2018-19543	Out-of-bounds Read vulnerability in multiple products An issue was discovered in JasPer 2.0.14. local low complexity jasper-project canonical debian suse CWE-125	7.8
2018-11-26	CVE-2018-19542	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. network low complexity jasper-project canonical suse debian opensuse CWE-476	6.5
2018-11-26	CVE-2018-19541	Out-of-bounds Read vulnerability in multiple products An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. network low complexity jasper-project canonical suse debian CWE-125	8.8
2018-11-26	CVE-2018-19540	Out-of-bounds Write vulnerability in multiple products An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. network low complexity jasper-project suse debian CWE-787	8.8
2018-11-26	CVE-2018-19539	Reachable Assertion vulnerability in multiple products An issue was discovered in JasPer 2.0.14. network low complexity jasper-project suse debian opensuse CWE-617	6.5
2018-10-31	CVE-2018-18873	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. local low complexity jasper-project canonical debian suse CWE-476	5.5
2018-10-23	CVE-2018-18585	NULL Pointer Dereference vulnerability in multiple products chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). network low complexity kyzer debian redhat canonical suse starwindsoftware CWE-476	4.3
2018-10-23	CVE-2018-18584	Out-of-bounds Write vulnerability in multiple products In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. network low complexity libmspack-project cabextract-project debian redhat canonical suse starwindsoftware CWE-787	6.5