Support RHEL OVALv2 #130

Open
wants to merge 2 commits into
base: master

MaineK00n
Collaborator

@MaineK00n MaineK00n commented Jun 3, 2021

What did you implement:

Fixes #85

Support OVALv2 in RHEL.
For RHEL 5, OVALv2 has less data, so OVALv1 is used.
OVALv2 is divided into EUS/AUS/TUS/ELS in detail, and we are looking forward to it.
OVAL, which contains unpatched data, is also provided.

Type of change

  • New feature (non-breaking change which adds functionality)

How Has This Been Tested?

goval-dictionary fetch-redhat

RHEL 5 brings OVALv1 data, while RHEL8 and RHEL8.1 EUS bring OVALv2 data.

$ goval-dictionary fetch-redhat 5 8 8.1-eus
INFO[02-02|11:10:13] Fetching...                              URL=https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL5.xml.bz2
INFO[02-02|11:10:13] Fetching...                              URL=https://www.redhat.com/security/data/oval/v2/RHEL8/rhel-8.oval.xml.bz2
INFO[02-02|11:10:14] Fetching...                              URL=https://www.redhat.com/security/data/oval/v2/RHEL8/rhel-8.1-eus.oval.xml.bz2
INFO[02-02|11:10:15] Fetched                                  File=rhel-8.1-eus.oval.xml.bz2 Count=383 Timestamp=2022-01-29T12:39:31
WARN[02-02|11:10:15] The fetched OVAL has not been updated for 3 days, the OVAL URL may have changed, please register a GitHub issue. GitHub=https://github.com/vulsio/goval-dictionary/issues OVAL=https://www.redhat.com/security/data/oval/v2/RHEL8/rhel-8.1-eus.oval.xml.bz2 Timestamp=2022-01-29T12:39:31
INFO[02-02|11:10:15] Fetched                                  File=com.redhat.rhsa-RHEL5.xml.bz2 Count=1172 Timestamp=2022-02-01T13:08:48
INFO[02-02|11:10:16] Fetched                                  File=rhel-8.oval.xml.bz2 Count=807 Timestamp=2022-02-01T18:43:42
INFO[02-02|11:10:16] Refreshing...                            Family=redhat Version=8.1-eus
INFO[02-02|11:10:16] Inserting new Definitions... 
383 / 383 [-------------------------------------------------------------------------------] 100.00% ? p/s
INFO[02-02|11:10:16] Finish                                   Updated=383
INFO[02-02|11:10:16] Refreshing...                            Family=redhat Version=5
INFO[02-02|11:10:16] Inserting new Definitions... 
1172 / 1172 [------------------------------------------------------------------------] 100.00% 114163 p/s
INFO[02-02|11:10:16] Finish                                   Updated=1172
INFO[02-02|11:10:16] Refreshing...                            Family=redhat Version=8
INFO[02-02|11:10:16] Inserting new Definitions... 
807 / 807 [-------------------------------------------------------------------------------] 100.00% ? p/s
INFO[02-02|11:10:16] Finish                                   Updated=807

goval-dictionary select --by-cveid

  • master
$ goval-dictionary select --by-cveid redhat 8 CVE-2021-3480
RHSA-2021:1983: idm:DL1 security update (Important)
[{2390 573 CVE-2021-3480  7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE-476 important https://access.redhat.com/security/cve/CVE-2021-3480 20210517}]
------------------
[]models.Definition{
  models.Definition{
    ID:           0x23d,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20211983",
    Title:        "RHSA-2021:1983: idm:DL1 security update (Important)",
    Description:  "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nSecurity Fix(es):\n\n* slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
    Advisory:     models.Advisory{
      ID:           0x23d,
      DefinitionID: 0x23d,
      Severity:     "Important",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x956,
          AdvisoryID: 0x23d,
          CveID:      "CVE-2021-3480",
          Cvss2:      "",
          Cvss3:      "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-476",
          Impact:     "important",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-3480",
          Public:     "20210517",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x955,
          AdvisoryID: 0x23d,
          BugzillaID: "1944640",
          URL:        "https://bugzilla.redhat.com/1944640",
          Title:      "CVE-2021-3480 slapi-nis: NULL dereference (DoS) with specially crafted Binding DN",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x5d8,
          AdvisoryID: 0x23d,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x5d9,
          AdvisoryID: 0x23d,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
      },
      Issued:  2021-05-18 00:00:00 UTC,
      Updated: 2021-05-18 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x2051,
        DefinitionID:    0x23d,
        Name:            "bind-dyndb-ldap",
        Version:         "0:11.6-2.module+el8.4.0+9328+4ec4e316",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2052,
        DefinitionID:    0x23d,
        Name:            "custodia",
        Version:         "0:0.6.0-3.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2053,
        DefinitionID:    0x23d,
        Name:            "ipa-client",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2054,
        DefinitionID:    0x23d,
        Name:            "ipa-client-common",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2055,
        DefinitionID:    0x23d,
        Name:            "ipa-client-epn",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2056,
        DefinitionID:    0x23d,
        Name:            "ipa-client-samba",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2057,
        DefinitionID:    0x23d,
        Name:            "ipa-common",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2058,
        DefinitionID:    0x23d,
        Name:            "ipa-healthcheck",
        Version:         "0:0.7-3.module+el8.4.0+9007+5084bdd8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2059,
        DefinitionID:    0x23d,
        Name:            "ipa-healthcheck-core",
        Version:         "0:0.7-3.module+el8.4.0+9007+5084bdd8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x205a,
        DefinitionID:    0x23d,
        Name:            "ipa-python-compat",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x205b,
        DefinitionID:    0x23d,
        Name:            "ipa-selinux",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x205c,
        DefinitionID:    0x23d,
        Name:            "ipa-server",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x205d,
        DefinitionID:    0x23d,
        Name:            "ipa-server-common",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x205e,
        DefinitionID:    0x23d,
        Name:            "ipa-server-dns",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x205f,
        DefinitionID:    0x23d,
        Name:            "ipa-server-trust-ad",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2060,
        DefinitionID:    0x23d,
        Name:            "opendnssec",
        Version:         "0:2.1.7-1.module+el8.4.0+9007+5084bdd8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2061,
        DefinitionID:    0x23d,
        Name:            "python3-custodia",
        Version:         "0:0.6.0-3.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2062,
        DefinitionID:    0x23d,
        Name:            "python3-ipaclient",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2063,
        DefinitionID:    0x23d,
        Name:            "python3-ipalib",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2064,
        DefinitionID:    0x23d,
        Name:            "python3-ipaserver",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2065,
        DefinitionID:    0x23d,
        Name:            "python3-ipatests",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2066,
        DefinitionID:    0x23d,
        Name:            "python3-jwcrypto",
        Version:         "0:0.5.0-1.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2067,
        DefinitionID:    0x23d,
        Name:            "python3-kdcproxy",
        Version:         "0:0.4-5.module+el8.2.0+4691+a05b2456",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2068,
        DefinitionID:    0x23d,
        Name:            "python3-pyusb",
        Version:         "0:1.0.0-9.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x2069,
        DefinitionID:    0x23d,
        Name:            "python3-qrcode",
        Version:         "0:5.1-12.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x206a,
        DefinitionID:    0x23d,
        Name:            "python3-qrcode-core",
        Version:         "0:5.1-12.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x206b,
        DefinitionID:    0x23d,
        Name:            "python3-yubico",
        Version:         "0:1.3.2-9.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x206c,
        DefinitionID:    0x23d,
        Name:            "slapi-nis",
        Version:         "0:0.56.6-2.module+el8.4.0+10615+2234cc2c",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x206d,
        DefinitionID:    0x23d,
        Name:            "softhsm",
        Version:         "0:2.6.0-5.module+el8.4.0+10227+076cd560",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x206e,
        DefinitionID:    0x23d,
        Name:            "softhsm-devel",
        Version:         "0:2.6.0-5.module+el8.4.0+10227+076cd560",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0xb92,
        DefinitionID: 0x23d,
        Source:       "RHSA",
        RefID:        "RHSA-2021:1983",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:1983",
      },
      models.Reference{
        ID:           0xb93,
        DefinitionID: 0x23d,
        Source:       "CVE",
        RefID:        "CVE-2021-3480",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-3480",
      },
    },
  },
}
  • MaineK00n:support-rhel-ovalv2
$ goval-dictionary select --by-cveid redhat 8 CVE-2021-3480
RHSA-2021:1983: idm:DL1 security update (Important)
[{8466 2128 CVE-2021-3480  7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE-476 important https://access.redhat.com/security/cve/CVE-2021-3480 20210517}]
------------------
[]models.Definition{
  models.Definition{
    ID:           0x850,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20211983",
    Title:        "RHSA-2021:1983: idm:DL1 security update (Important)",
    Description:  "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nSecurity Fix(es):\n\n* slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
    Advisory:     models.Advisory{
      ID:           0x850,
      DefinitionID: 0x850,
      Severity:     "Important",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x2112,
          AdvisoryID: 0x850,
          CveID:      "CVE-2021-3480",
          Cvss2:      "",
          Cvss3:      "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-476",
          Impact:     "important",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-3480",
          Public:     "20210517",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x2002,
          AdvisoryID: 0x850,
          BugzillaID: "1944640",
          URL:        "https://bugzilla.redhat.com/1944640",
          Title:      "CVE-2021-3480 slapi-nis: NULL dereference (DoS) with specially crafted Binding DN",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x4591,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x4592,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x4593,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x4594,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x4595,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x4596,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x4597,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x4598,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x4599,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x459a,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x459b,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x459c,
          AdvisoryID: 0x850,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-05-18 00:00:00 UTC,
      Updated: 2021-05-18 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x5a03,
        DefinitionID:    0x850,
        Name:            "bind-dyndb-ldap",
        Version:         "0:11.6-2.module+el8.4.0+9328+4ec4e316",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a04,
        DefinitionID:    0x850,
        Name:            "custodia",
        Version:         "0:0.6.0-3.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a05,
        DefinitionID:    0x850,
        Name:            "ipa-client",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a06,
        DefinitionID:    0x850,
        Name:            "ipa-client-common",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a07,
        DefinitionID:    0x850,
        Name:            "ipa-client-epn",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a08,
        DefinitionID:    0x850,
        Name:            "ipa-client-samba",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a09,
        DefinitionID:    0x850,
        Name:            "ipa-common",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a0a,
        DefinitionID:    0x850,
        Name:            "ipa-healthcheck",
        Version:         "0:0.7-3.module+el8.4.0+9007+5084bdd8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a0b,
        DefinitionID:    0x850,
        Name:            "ipa-healthcheck-core",
        Version:         "0:0.7-3.module+el8.4.0+9007+5084bdd8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a0c,
        DefinitionID:    0x850,
        Name:            "ipa-python-compat",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a0d,
        DefinitionID:    0x850,
        Name:            "ipa-selinux",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a0e,
        DefinitionID:    0x850,
        Name:            "ipa-server",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a0f,
        DefinitionID:    0x850,
        Name:            "ipa-server-common",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a10,
        DefinitionID:    0x850,
        Name:            "ipa-server-dns",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a11,
        DefinitionID:    0x850,
        Name:            "ipa-server-trust-ad",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a12,
        DefinitionID:    0x850,
        Name:            "opendnssec",
        Version:         "0:2.1.7-1.module+el8.4.0+9007+5084bdd8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a13,
        DefinitionID:    0x850,
        Name:            "python3-custodia",
        Version:         "0:0.6.0-3.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a14,
        DefinitionID:    0x850,
        Name:            "python3-ipaclient",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a15,
        DefinitionID:    0x850,
        Name:            "python3-ipalib",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a16,
        DefinitionID:    0x850,
        Name:            "python3-ipaserver",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a17,
        DefinitionID:    0x850,
        Name:            "python3-ipatests",
        Version:         "0:4.9.2-3.module+el8.4.0+10412+5ecb5b37",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a18,
        DefinitionID:    0x850,
        Name:            "python3-jwcrypto",
        Version:         "0:0.5.0-1.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a19,
        DefinitionID:    0x850,
        Name:            "python3-kdcproxy",
        Version:         "0:0.4-5.module+el8.2.0+4691+a05b2456",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a1a,
        DefinitionID:    0x850,
        Name:            "python3-pyusb",
        Version:         "0:1.0.0-9.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a1b,
        DefinitionID:    0x850,
        Name:            "python3-qrcode",
        Version:         "0:5.1-12.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a1c,
        DefinitionID:    0x850,
        Name:            "python3-qrcode-core",
        Version:         "0:5.1-12.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a1d,
        DefinitionID:    0x850,
        Name:            "python3-yubico",
        Version:         "0:1.3.2-9.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a1e,
        DefinitionID:    0x850,
        Name:            "slapi-nis",
        Version:         "0:0.56.6-2.module+el8.4.0+10615+2234cc2c",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a1f,
        DefinitionID:    0x850,
        Name:            "softhsm",
        Version:         "0:2.6.0-5.module+el8.4.0+10227+076cd560",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0x5a20,
        DefinitionID:    0x850,
        Name:            "softhsm-devel",
        Version:         "0:2.6.0-5.module+el8.4.0+10227+076cd560",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x2961,
        DefinitionID: 0x850,
        Source:       "RHSA",
        RefID:        "RHSA-2021:1983",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:1983",
      },
      models.Reference{
        ID:           0x2962,
        DefinitionID: 0x850,
        Source:       "CVE",
        RefID:        "CVE-2021-3480",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-3480",
      },
    },
  },
}


$ goval-dictionary select --by-cveid redhat 8.1-eus CVE-2021-3480
RHSA-2021:2027: ipa security update (Important)
[{1341 322 CVE-2021-3480  7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE-476 important https://access.redhat.com/security/cve/CVE-2021-3480 20210517}]
------------------
[]models.Definition{
  models.Definition{
    ID:           0x142,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20212027",
    Title:        "RHSA-2021:2027: ipa security update (Important)",
    Description:  "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nSecurity Fix(es):\n\n* slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
    Advisory:     models.Advisory{
      ID:           0x142,
      DefinitionID: 0x142,
      Severity:     "Important",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x53d,
          AdvisoryID: 0x142,
          CveID:      "CVE-2021-3480",
          Cvss2:      "",
          Cvss3:      "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-476",
          Impact:     "important",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-3480",
          Public:     "20210517",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x53d,
          AdvisoryID: 0x142,
          BugzillaID: "1944640",
          URL:        "https://bugzilla.redhat.com/1944640",
          Title:      "CVE-2021-3480 slapi-nis: NULL dereference (DoS) with specially crafted Binding DN",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0xc8b,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1",
        },
        models.Cpe{
          ID:         0xc8c,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::appstream",
        },
        models.Cpe{
          ID:         0xc8d,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::crb",
        },
        models.Cpe{
          ID:         0xc8e,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::highavailability",
        },
        models.Cpe{
          ID:         0xc8f,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::resilientstorage",
        },
        models.Cpe{
          ID:         0xc90,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::sap",
        },
        models.Cpe{
          ID:         0xc91,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::sap_hana",
        },
        models.Cpe{
          ID:         0xc92,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::supplementary",
        },
        models.Cpe{
          ID:         0xc93,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/o:redhat:rhel_eus:8.1",
        },
        models.Cpe{
          ID:         0xc94,
          AdvisoryID: 0x142,
          Cpe:        "cpe:/o:redhat:rhel_eus:8.1::baseos",
        },
      },
      Issued:  2021-05-19 00:00:00 UTC,
      Updated: 2021-05-19 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0xf4c,
        DefinitionID:    0x142,
        Name:            "bind-dyndb-ldap",
        Version:         "0:11.1-14.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf4d,
        DefinitionID:    0x142,
        Name:            "custodia",
        Version:         "0:0.6.0-3.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf4e,
        DefinitionID:    0x142,
        Name:            "ipa-client",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf4f,
        DefinitionID:    0x142,
        Name:            "ipa-client-common",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf50,
        DefinitionID:    0x142,
        Name:            "ipa-client-samba",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf51,
        DefinitionID:    0x142,
        Name:            "ipa-common",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf52,
        DefinitionID:    0x142,
        Name:            "ipa-healthcheck",
        Version:         "0:0.3-4.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf53,
        DefinitionID:    0x142,
        Name:            "ipa-idoverride-memberof-plugin",
        Version:         "0:0.0.4-6.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf54,
        DefinitionID:    0x142,
        Name:            "ipa-python-compat",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf55,
        DefinitionID:    0x142,
        Name:            "ipa-server",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf56,
        DefinitionID:    0x142,
        Name:            "ipa-server-common",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf57,
        DefinitionID:    0x142,
        Name:            "ipa-server-dns",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf58,
        DefinitionID:    0x142,
        Name:            "ipa-server-trust-ad",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf59,
        DefinitionID:    0x142,
        Name:            "opendnssec",
        Version:         "0:1.4.14-1.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf5a,
        DefinitionID:    0x142,
        Name:            "python3-custodia",
        Version:         "0:0.6.0-3.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf5b,
        DefinitionID:    0x142,
        Name:            "python3-ipaclient",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf5c,
        DefinitionID:    0x142,
        Name:            "python3-ipalib",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf5d,
        DefinitionID:    0x142,
        Name:            "python3-ipaserver",
        Version:         "0:4.8.0-13.module+el8.1.0+4923+c6efe041",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf5e,
        DefinitionID:    0x142,
        Name:            "python3-jwcrypto",
        Version:         "0:0.5.0-1.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf5f,
        DefinitionID:    0x142,
        Name:            "python3-kdcproxy",
        Version:         "0:0.4-3.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf60,
        DefinitionID:    0x142,
        Name:            "python3-pyusb",
        Version:         "0:1.0.0-9.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf61,
        DefinitionID:    0x142,
        Name:            "python3-qrcode",
        Version:         "0:5.1-12.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf62,
        DefinitionID:    0x142,
        Name:            "python3-qrcode-core",
        Version:         "0:5.1-12.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf63,
        DefinitionID:    0x142,
        Name:            "python3-yubico",
        Version:         "0:1.3.2-9.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf64,
        DefinitionID:    0x142,
        Name:            "slapi-nis",
        Version:         "0:0.56.3-3.module+el8.1.0+10781+dffa5bca",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf65,
        DefinitionID:    0x142,
        Name:            "softhsm",
        Version:         "0:2.4.0-2.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
      models.Package{
        ID:              0xf66,
        DefinitionID:    0x142,
        Name:            "softhsm-devel",
        Version:         "0:2.4.0-2.module+el8.1.0+4098+f286395e",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "idm:DL1",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x67e,
        DefinitionID: 0x142,
        Source:       "RHSA",
        RefID:        "RHSA-2021:2027",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:2027",
      },
      models.Reference{
        ID:           0x67f,
        DefinitionID: 0x142,
        Source:       "CVE",
        RefID:        "CVE-2021-3480",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-3480",
      },
    },
  },
}

goval-dictionary select -by-package

  • master
$ goval-dictionary select -by-package redhat 8 curl
CVE-2018-16890
    {2128 141 curl 0:7.61.1-11.el8  false }
    {2129 141 libcurl 0:7.61.1-11.el8  false }
    {2130 141 libcurl-devel 0:7.61.1-11.el8  false }
    {2131 141 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2018-20483
    {2128 141 curl 0:7.61.1-11.el8  false }
    {2129 141 libcurl 0:7.61.1-11.el8  false }
    {2130 141 libcurl-devel 0:7.61.1-11.el8  false }
    {2131 141 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-3822
    {2128 141 curl 0:7.61.1-11.el8  false }
    {2129 141 libcurl 0:7.61.1-11.el8  false }
    {2130 141 libcurl-devel 0:7.61.1-11.el8  false }
    {2131 141 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-3823
    {2128 141 curl 0:7.61.1-11.el8  false }
    {2129 141 libcurl 0:7.61.1-11.el8  false }
    {2130 141 libcurl-devel 0:7.61.1-11.el8  false }
    {2131 141 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-5436
    {3667 251 curl 0:7.61.1-12.el8  false }
    {3668 251 libcurl 0:7.61.1-12.el8  false }
    {3669 251 libcurl-devel 0:7.61.1-12.el8  false }
    {3670 251 libcurl-minimal 0:7.61.1-12.el8  false }
CVE-2019-5481
    {3667 251 curl 0:7.61.1-12.el8  false }
    {3668 251 libcurl 0:7.61.1-12.el8  false }
    {3669 251 libcurl-devel 0:7.61.1-12.el8  false }
    {3670 251 libcurl-minimal 0:7.61.1-12.el8  false }
CVE-2019-5482
    {3667 251 curl 0:7.61.1-12.el8  false }
    {3668 251 libcurl 0:7.61.1-12.el8  false }
    {3669 251 libcurl-devel 0:7.61.1-12.el8  false }
    {3670 251 libcurl-minimal 0:7.61.1-12.el8  false }
CVE-2020-8177
    {5426 384 curl 0:7.61.1-14.el8  false }
    {5427 384 libcurl 0:7.61.1-14.el8  false }
    {5428 384 libcurl-devel 0:7.61.1-14.el8  false }
    {5429 384 libcurl-minimal 0:7.61.1-14.el8  false }
CVE-2020-8231
    {7573 527 curl 0:7.61.1-18.el8  false }
    {7574 527 libcurl 0:7.61.1-18.el8  false }
    {7575 527 libcurl-devel 0:7.61.1-18.el8  false }
    {7576 527 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2020-8284
    {7573 527 curl 0:7.61.1-18.el8  false }
    {7574 527 libcurl 0:7.61.1-18.el8  false }
    {7575 527 libcurl-devel 0:7.61.1-18.el8  false }
    {7576 527 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2020-8285
    {7573 527 curl 0:7.61.1-18.el8  false }
    {7574 527 libcurl 0:7.61.1-18.el8  false }
    {7575 527 libcurl-devel 0:7.61.1-18.el8  false }
    {7576 527 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2020-8286
    {7573 527 curl 0:7.61.1-18.el8  false }
    {7574 527 libcurl 0:7.61.1-18.el8  false }
    {7575 527 libcurl-devel 0:7.61.1-18.el8  false }
    {7576 527 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2021-22922
    {9336 658 curl 0:7.61.1-18.el8_4.1  false }
    {9337 658 libcurl 0:7.61.1-18.el8_4.1  false }
    {9338 658 libcurl-devel 0:7.61.1-18.el8_4.1  false }
    {9339 658 libcurl-minimal 0:7.61.1-18.el8_4.1  false }
CVE-2021-22923
    {9336 658 curl 0:7.61.1-18.el8_4.1  false }
    {9337 658 libcurl 0:7.61.1-18.el8_4.1  false }
    {9338 658 libcurl-devel 0:7.61.1-18.el8_4.1  false }
    {9339 658 libcurl-minimal 0:7.61.1-18.el8_4.1  false }
CVE-2021-22924
    {9336 658 curl 0:7.61.1-18.el8_4.1  false }
    {9337 658 libcurl 0:7.61.1-18.el8_4.1  false }
    {9338 658 libcurl-devel 0:7.61.1-18.el8_4.1  false }
    {9339 658 libcurl-minimal 0:7.61.1-18.el8_4.1  false }
CVE-2021-22946
    {9507 676 curl 0:7.61.1-18.el8_4.2  false }
    {9508 676 libcurl 0:7.61.1-18.el8_4.2  false }
    {9509 676 libcurl-devel 0:7.61.1-18.el8_4.2  false }
    {9510 676 libcurl-minimal 0:7.61.1-18.el8_4.2  false }
CVE-2021-22947
    {9507 676 curl 0:7.61.1-18.el8_4.2  false }
    {9508 676 libcurl 0:7.61.1-18.el8_4.2  false }
    {9509 676 libcurl-devel 0:7.61.1-18.el8_4.2  false }
    {9510 676 libcurl-minimal 0:7.61.1-18.el8_4.2  false }
CVE-2021-22876
    {10700 755 curl 0:7.61.1-22.el8  false }
    {10701 755 libcurl 0:7.61.1-22.el8  false }
    {10702 755 libcurl-devel 0:7.61.1-22.el8  false }
    {10703 755 libcurl-minimal 0:7.61.1-22.el8  false }
CVE-2021-22898
    {10700 755 curl 0:7.61.1-22.el8  false }
    {10701 755 libcurl 0:7.61.1-22.el8  false }
    {10702 755 libcurl-devel 0:7.61.1-22.el8  false }
    {10703 755 libcurl-minimal 0:7.61.1-22.el8  false }
CVE-2021-22925
    {10700 755 curl 0:7.61.1-22.el8  false }
    {10701 755 libcurl 0:7.61.1-22.el8  false }
    {10702 755 libcurl-devel 0:7.61.1-22.el8  false }
    {10703 755 libcurl-minimal 0:7.61.1-22.el8  false }
------------------
[]models.Definition{
  models.Definition{
    ID:           0x8d,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20193701",
    Title:        "RHSA-2019:3701: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)\n\n* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)\n\n* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)\n\n* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x8d,
      DefinitionID: 0x8d,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x296,
          AdvisoryID: 0x8d,
          CveID:      "CVE-2018-16890",
          Cvss2:      "",
          Cvss3:      "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          Cwe:        "CWE-125->CWE-190",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2018-16890",
          Public:     "20190206",
        },
        models.Cve{
          ID:         0x297,
          AdvisoryID: 0x8d,
          CveID:      "CVE-2018-20483",
          Cvss2:      "",
          Cvss3:      "5.5/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          Cwe:        "CWE-200",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2018-20483",
          Public:     "20181226",
        },
        models.Cve{
          ID:         0x298,
          AdvisoryID: 0x8d,
          CveID:      "CVE-2019-3822",
          Cvss2:      "",
          Cvss3:      "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-121",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-3822",
          Public:     "20190206",
        },
        models.Cve{
          ID:         0x299,
          AdvisoryID: 0x8d,
          CveID:      "CVE-2019-3823",
          Cvss2:      "",
          Cvss3:      "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          Cwe:        "CWE-125",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-3823",
          Public:     "20190206",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x296,
          AdvisoryID: 0x8d,
          BugzillaID: "1662705",
          URL:        "https://bugzilla.redhat.com/1662705",
          Title:      "CVE-2018-20483 wget: Information exposure in set_file_metadata function in xattr.c",
        },
        models.Bugzilla{
          ID:         0x297,
          AdvisoryID: 0x8d,
          BugzillaID: "1670252",
          URL:        "https://bugzilla.redhat.com/1670252",
          Title:      "CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read",
        },
        models.Bugzilla{
          ID:         0x298,
          AdvisoryID: 0x8d,
          BugzillaID: "1670254",
          URL:        "https://bugzilla.redhat.com/1670254",
          Title:      "CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow",
        },
        models.Bugzilla{
          ID:         0x299,
          AdvisoryID: 0x8d,
          BugzillaID: "1670256",
          URL:        "https://bugzilla.redhat.com/1670256",
          Title:      "CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x171,
          AdvisoryID: 0x8d,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x172,
          AdvisoryID: 0x8d,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2019-11-05 00:00:00 UTC,
      Updated: 2019-11-05 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x850,
        DefinitionID:    0x8d,
        Name:            "curl",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x851,
        DefinitionID:    0x8d,
        Name:            "libcurl",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x852,
        DefinitionID:    0x8d,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x853,
        DefinitionID:    0x8d,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x322,
        DefinitionID: 0x8d,
        Source:       "RHSA",
        RefID:        "RHSA-2019:3701",
        RefURL:       "https://access.redhat.com/errata/RHSA-2019:3701",
      },
      models.Reference{
        ID:           0x323,
        DefinitionID: 0x8d,
        Source:       "CVE",
        RefID:        "CVE-2018-16890",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2018-16890",
      },
      models.Reference{
        ID:           0x324,
        DefinitionID: 0x8d,
        Source:       "CVE",
        RefID:        "CVE-2018-20483",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2018-20483",
      },
      models.Reference{
        ID:           0x325,
        DefinitionID: 0x8d,
        Source:       "CVE",
        RefID:        "CVE-2019-3822",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-3822",
      },
      models.Reference{
        ID:           0x326,
        DefinitionID: 0x8d,
        Source:       "CVE",
        RefID:        "CVE-2019-3823",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-3823",
      },
    },
  },
  models.Definition{
    ID:           0xfb,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20201792",
    Title:        "RHSA-2020:1792: curl security update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: double free due to subsequent call of realloc() (CVE-2019-5481)\n\n* curl: heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)\n\n* curl: TFTP receive heap buffer overflow in tftp_receive_packet() function (CVE-2019-5436)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0xfb,
      DefinitionID: 0xfb,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x437,
          AdvisoryID: 0xfb,
          CveID:      "CVE-2019-5436",
          Cvss2:      "",
          Cvss3:      "7.0/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          Cwe:        "CWE-122",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-5436",
          Public:     "20190522",
        },
        models.Cve{
          ID:         0x438,
          AdvisoryID: 0xfb,
          CveID:      "CVE-2019-5481",
          Cvss2:      "",
          Cvss3:      "5.7/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-416",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-5481",
          Public:     "20190911",
        },
        models.Cve{
          ID:         0x439,
          AdvisoryID: 0xfb,
          CveID:      "CVE-2019-5482",
          Cvss2:      "",
          Cvss3:      "6.3/CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          Cwe:        "CWE-122",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-5482",
          Public:     "20190911",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x437,
          AdvisoryID: 0xfb,
          BugzillaID: "1710620",
          URL:        "https://bugzilla.redhat.com/1710620",
          Title:      "CVE-2019-5436 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function",
        },
        models.Bugzilla{
          ID:         0x438,
          AdvisoryID: 0xfb,
          BugzillaID: "1749402",
          URL:        "https://bugzilla.redhat.com/1749402",
          Title:      "CVE-2019-5481 curl: double free due to subsequent call of realloc()",
        },
        models.Bugzilla{
          ID:         0x439,
          AdvisoryID: 0xfb,
          BugzillaID: "1749652",
          URL:        "https://bugzilla.redhat.com/1749652",
          Title:      "CVE-2019-5482 curl: heap buffer overflow in function tftp_receive_packet()",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x287,
          AdvisoryID: 0xfb,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x288,
          AdvisoryID: 0xfb,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2020-04-28 00:00:00 UTC,
      Updated: 2020-04-28 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0xe53,
        DefinitionID:    0xfb,
        Name:            "curl",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0xe54,
        DefinitionID:    0xfb,
        Name:            "libcurl",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0xe55,
        DefinitionID:    0xfb,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0xe56,
        DefinitionID:    0xfb,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x531,
        DefinitionID: 0xfb,
        Source:       "RHSA",
        RefID:        "RHSA-2020:1792",
        RefURL:       "https://access.redhat.com/errata/RHSA-2020:1792",
      },
      models.Reference{
        ID:           0x532,
        DefinitionID: 0xfb,
        Source:       "CVE",
        RefID:        "CVE-2019-5436",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-5436",
      },
      models.Reference{
        ID:           0x533,
        DefinitionID: 0xfb,
        Source:       "CVE",
        RefID:        "CVE-2019-5481",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-5481",
      },
      models.Reference{
        ID:           0x534,
        DefinitionID: 0xfb,
        Source:       "CVE",
        RefID:        "CVE-2019-5482",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-5482",
      },
    },
  },
  models.Definition{
    ID:           0x180,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20204599",
    Title:        "RHSA-2020:4599: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x180,
      DefinitionID: 0x180,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x674,
          AdvisoryID: 0x180,
          CveID:      "CVE-2020-8177",
          Cvss2:      "",
          Cvss3:      "5.4/CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:L",
          Cwe:        "",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8177",
          Public:     "20200624",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x674,
          AdvisoryID: 0x180,
          BugzillaID: "1847915",
          URL:        "https://bugzilla.redhat.com/1847915",
          Title:      "CVE-2020-8177 curl: Incorrect argument check can allow remote servers to overwrite local files",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x401,
          AdvisoryID: 0x180,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x402,
          AdvisoryID: 0x180,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2020-11-04 00:00:00 UTC,
      Updated: 2020-11-04 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x1532,
        DefinitionID:    0x180,
        Name:            "curl",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x1533,
        DefinitionID:    0x180,
        Name:            "libcurl",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x1534,
        DefinitionID:    0x180,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x1535,
        DefinitionID:    0x180,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x7f3,
        DefinitionID: 0x180,
        Source:       "RHSA",
        RefID:        "RHSA-2020:4599",
        RefURL:       "https://access.redhat.com/errata/RHSA-2020:4599",
      },
      models.Reference{
        ID:           0x7f4,
        DefinitionID: 0x180,
        Source:       "CVE",
        RefID:        "CVE-2020-8177",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8177",
      },
    },
  },
  models.Definition{
    ID:           0x20f,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20211610",
    Title:        "RHSA-2021:1610: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: FTP PASV command response can cause curl to connect to arbitrary host (CVE-2020-8284)\n\n* curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used (CVE-2020-8285)\n\n* curl: Inferior OCSP verification (CVE-2020-8286)\n\n* curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set (CVE-2020-8231)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x20f,
      DefinitionID: 0x20f,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x8a8,
          AdvisoryID: 0x20f,
          CveID:      "CVE-2020-8231",
          Cvss2:      "",
          Cvss3:      "3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-822",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8231",
          Public:     "20200819",
        },
        models.Cve{
          ID:         0x8a9,
          AdvisoryID: 0x20f,
          CveID:      "CVE-2020-8284",
          Cvss2:      "",
          Cvss3:      "3.1/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-200",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8284",
          Public:     "20201209:0800",
        },
        models.Cve{
          ID:         0x8aa,
          AdvisoryID: 0x20f,
          CveID:      "CVE-2020-8285",
          Cvss2:      "",
          Cvss3:      "6.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-674->CWE-121",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8285",
          Public:     "20201209:0800",
        },
        models.Cve{
          ID:         0x8ab,
          AdvisoryID: 0x20f,
          CveID:      "CVE-2020-8286",
          Cvss2:      "",
          Cvss3:      "7.4/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          Cwe:        "CWE-295",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8286",
          Public:     "20201209",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x8a8,
          AdvisoryID: 0x20f,
          BugzillaID: "1868032",
          URL:        "https://bugzilla.redhat.com/1868032",
          Title:      "CVE-2020-8231 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set",
        },
        models.Bugzilla{
          ID:         0x8a9,
          AdvisoryID: 0x20f,
          BugzillaID: "1902667",
          URL:        "https://bugzilla.redhat.com/1902667",
          Title:      "CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host",
        },
        models.Bugzilla{
          ID:         0x8aa,
          AdvisoryID: 0x20f,
          BugzillaID: "1902687",
          URL:        "https://bugzilla.redhat.com/1902687",
          Title:      "CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used",
        },
        models.Bugzilla{
          ID:         0x8ab,
          AdvisoryID: 0x20f,
          BugzillaID: "1906096",
          URL:        "https://bugzilla.redhat.com/1906096",
          Title:      "CVE-2020-8286 curl: Inferior OCSP verification",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x55e,
          AdvisoryID: 0x20f,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x55f,
          AdvisoryID: 0x20f,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-05-18 00:00:00 UTC,
      Updated: 2021-05-18 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x1d95,
        DefinitionID:    0x20f,
        Name:            "curl",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x1d96,
        DefinitionID:    0x20f,
        Name:            "libcurl",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x1d97,
        DefinitionID:    0x20f,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x1d98,
        DefinitionID:    0x20f,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0xab6,
        DefinitionID: 0x20f,
        Source:       "RHSA",
        RefID:        "RHSA-2021:1610",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:1610",
      },
      models.Reference{
        ID:           0xab7,
        DefinitionID: 0x20f,
        Source:       "CVE",
        RefID:        "CVE-2020-8231",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8231",
      },
      models.Reference{
        ID:           0xab8,
        DefinitionID: 0x20f,
        Source:       "CVE",
        RefID:        "CVE-2020-8284",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8284",
      },
      models.Reference{
        ID:           0xab9,
        DefinitionID: 0x20f,
        Source:       "CVE",
        RefID:        "CVE-2020-8285",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8285",
      },
      models.Reference{
        ID:           0xaba,
        DefinitionID: 0x20f,
        Source:       "CVE",
        RefID:        "CVE-2020-8286",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8286",
      },
    },
  },
  models.Definition{
    ID:           0x292,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20213582",
    Title:        "RHSA-2021:3582: curl security update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Content not matching hash in Metalink is not being discarded (CVE-2021-22922)\n\n* curl: Metalink download sends credentials (CVE-2021-22923)\n\n* curl: Bad connection reuse due to flawed path name checks (CVE-2021-22924)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
    Advisory:     models.Advisory{
      ID:           0x292,
      DefinitionID: 0x292,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0xa16,
          AdvisoryID: 0x292,
          CveID:      "CVE-2021-22922",
          Cvss2:      "",
          Cvss3:      "6.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          Cwe:        "CWE-20",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22922",
          Public:     "20210721:0600",
        },
        models.Cve{
          ID:         0xa17,
          AdvisoryID: 0x292,
          CveID:      "CVE-2021-22923",
          Cvss2:      "",
          Cvss3:      "5.7/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
          Cwe:        "CWE-522",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22923",
          Public:     "20210721:0600",
        },
        models.Cve{
          ID:         0xa18,
          AdvisoryID: 0x292,
          CveID:      "CVE-2021-22924",
          Cvss2:      "",
          Cvss3:      "3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-295",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22924",
          Public:     "20210721:0600",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0xa15,
          AdvisoryID: 0x292,
          BugzillaID: "1981435",
          URL:        "https://bugzilla.redhat.com/1981435",
          Title:      "CVE-2021-22922 curl: Content not matching hash in Metalink is not being discarded",
        },
        models.Bugzilla{
          ID:         0xa16,
          AdvisoryID: 0x292,
          BugzillaID: "1981438",
          URL:        "https://bugzilla.redhat.com/1981438",
          Title:      "CVE-2021-22923 curl: Metalink download sends credentials",
        },
        models.Bugzilla{
          ID:         0xa17,
          AdvisoryID: 0x292,
          BugzillaID: "1981460",
          URL:        "https://bugzilla.redhat.com/1981460",
          Title:      "CVE-2021-22924 curl: Bad connection reuse due to flawed path name checks",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x6a8,
          AdvisoryID: 0x292,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x6a9,
          AdvisoryID: 0x292,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-09-21 00:00:00 UTC,
      Updated: 2021-09-21 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x2478,
        DefinitionID:    0x292,
        Name:            "curl",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x2479,
        DefinitionID:    0x292,
        Name:            "libcurl",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x247a,
        DefinitionID:    0x292,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x247b,
        DefinitionID:    0x292,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0xca7,
        DefinitionID: 0x292,
        Source:       "RHSA",
        RefID:        "RHSA-2021:3582",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:3582",
      },
      models.Reference{
        ID:           0xca8,
        DefinitionID: 0x292,
        Source:       "CVE",
        RefID:        "CVE-2021-22922",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22922",
      },
      models.Reference{
        ID:           0xca9,
        DefinitionID: 0x292,
        Source:       "CVE",
        RefID:        "CVE-2021-22923",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22923",
      },
      models.Reference{
        ID:           0xcaa,
        DefinitionID: 0x292,
        Source:       "CVE",
        RefID:        "CVE-2021-22924",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22924",
      },
    },
  },
  models.Definition{
    ID:           0x2a4,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20214059",
    Title:        "RHSA-2021:4059: curl security update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols (CVE-2021-22946)\n\n* curl: Server responses received before STARTTLS processed after TLS handshake (CVE-2021-22947)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
    Advisory:     models.Advisory{
      ID:           0x2a4,
      DefinitionID: 0x2a4,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0xaef,
          AdvisoryID: 0x2a4,
          CveID:      "CVE-2021-22946",
          Cvss2:      "",
          Cvss3:      "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          Cwe:        "CWE-319",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22946",
          Public:     "20210915",
        },
        models.Cve{
          ID:         0xaf0,
          AdvisoryID: 0x2a4,
          CveID:      "CVE-2021-22947",
          Cvss2:      "",
          Cvss3:      "6.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
          Cwe:        "CWE-319",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22947",
          Public:     "20210915",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0xaee,
          AdvisoryID: 0x2a4,
          BugzillaID: "2003175",
          URL:        "https://bugzilla.redhat.com/2003175",
          Title:      "CVE-2021-22946 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols",
        },
        models.Bugzilla{
          ID:         0xaef,
          AdvisoryID: 0x2a4,
          BugzillaID: "2003191",
          URL:        "https://bugzilla.redhat.com/2003191",
          Title:      "CVE-2021-22947 curl: Server responses received before STARTTLS processed after TLS handshake",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x6d4,
          AdvisoryID: 0x2a4,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x6d5,
          AdvisoryID: 0x2a4,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-11-02 00:00:00 UTC,
      Updated: 2021-11-02 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x2523,
        DefinitionID:    0x2a4,
        Name:            "curl",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x2524,
        DefinitionID:    0x2a4,
        Name:            "libcurl",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x2525,
        DefinitionID:    0x2a4,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x2526,
        DefinitionID:    0x2a4,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0xd92,
        DefinitionID: 0x2a4,
        Source:       "RHSA",
        RefID:        "RHSA-2021:4059",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:4059",
      },
      models.Reference{
        ID:           0xd93,
        DefinitionID: 0x2a4,
        Source:       "CVE",
        RefID:        "CVE-2021-22946",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22946",
      },
      models.Reference{
        ID:           0xd94,
        DefinitionID: 0x2a4,
        Source:       "CVE",
        RefID:        "CVE-2021-22947",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22947",
      },
    },
  },
  models.Definition{
    ID:           0x2f3,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20214511",
    Title:        "RHSA-2021:4511: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876)\n\n* curl: TELNET stack contents disclosure (CVE-2021-22898)\n\n* curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure (CVE-2021-22925)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x2f3,
      DefinitionID: 0x2f3,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0xc44,
          AdvisoryID: 0x2f3,
          CveID:      "CVE-2021-22876",
          Cvss2:      "",
          Cvss3:      "3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-200",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22876",
          Public:     "20210331",
        },
        models.Cve{
          ID:         0xc45,
          AdvisoryID: 0x2f3,
          CveID:      "CVE-2021-22898",
          Cvss2:      "",
          Cvss3:      "3.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-908",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22898",
          Public:     "20210526",
        },
        models.Cve{
          ID:         0xc46,
          AdvisoryID: 0x2f3,
          CveID:      "CVE-2021-22925",
          Cvss2:      "",
          Cvss3:      "3.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-908",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22925",
          Public:     "20210721",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0xc40,
          AdvisoryID: 0x2f3,
          BugzillaID: "1941964",
          URL:        "https://bugzilla.redhat.com/1941964",
          Title:      "CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer",
        },
        models.Bugzilla{
          ID:         0xc41,
          AdvisoryID: 0x2f3,
          BugzillaID: "1964887",
          URL:        "https://bugzilla.redhat.com/1964887",
          Title:      "CVE-2021-22898 curl: TELNET stack contents disclosure",
        },
        models.Bugzilla{
          ID:         0xc42,
          AdvisoryID: 0x2f3,
          BugzillaID: "1970902",
          URL:        "https://bugzilla.redhat.com/1970902",
          Title:      "CVE-2021-22925 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x7bb,
          AdvisoryID: 0x2f3,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x7bc,
          AdvisoryID: 0x2f3,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-11-09 00:00:00 UTC,
      Updated: 2021-11-09 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x29cc,
        DefinitionID:    0x2f3,
        Name:            "curl",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x29cd,
        DefinitionID:    0x2f3,
        Name:            "libcurl",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x29ce,
        DefinitionID:    0x2f3,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x29cf,
        DefinitionID:    0x2f3,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0xf36,
        DefinitionID: 0x2f3,
        Source:       "RHSA",
        RefID:        "RHSA-2021:4511",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:4511",
      },
      models.Reference{
        ID:           0xf37,
        DefinitionID: 0x2f3,
        Source:       "CVE",
        RefID:        "CVE-2021-22876",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22876",
      },
      models.Reference{
        ID:           0xf38,
        DefinitionID: 0x2f3,
        Source:       "CVE",
        RefID:        "CVE-2021-22898",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22898",
      },
      models.Reference{
        ID:           0xf39,
        DefinitionID: 0x2f3,
        Source:       "CVE",
        RefID:        "CVE-2021-22925",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22925",
      },
    },
  },
}
  • MaineK00n:support-rhel-ovalv2
$ goval-dictionary select --by-package redhat 8 curl
CVE-2018-16890
    {16870 1696 curl 0:7.61.1-11.el8  false }
    {16871 1696 libcurl 0:7.61.1-11.el8  false }
    {16872 1696 libcurl-devel 0:7.61.1-11.el8  false }
    {16873 1696 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2018-20483
    {16870 1696 curl 0:7.61.1-11.el8  false }
    {16871 1696 libcurl 0:7.61.1-11.el8  false }
    {16872 1696 libcurl-devel 0:7.61.1-11.el8  false }
    {16873 1696 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-3822
    {16870 1696 curl 0:7.61.1-11.el8  false }
    {16871 1696 libcurl 0:7.61.1-11.el8  false }
    {16872 1696 libcurl-devel 0:7.61.1-11.el8  false }
    {16873 1696 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-3823
    {16870 1696 curl 0:7.61.1-11.el8  false }
    {16871 1696 libcurl 0:7.61.1-11.el8  false }
    {16872 1696 libcurl-devel 0:7.61.1-11.el8  false }
    {16873 1696 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-5436
    {18413 1806 curl 0:7.61.1-12.el8  false }
    {18414 1806 libcurl 0:7.61.1-12.el8  false }
    {18415 1806 libcurl-devel 0:7.61.1-12.el8  false }
    {18416 1806 libcurl-minimal 0:7.61.1-12.el8  false }
CVE-2019-5481
    {18413 1806 curl 0:7.61.1-12.el8  false }
    {18414 1806 libcurl 0:7.61.1-12.el8  false }
    {18415 1806 libcurl-devel 0:7.61.1-12.el8  false }
    {18416 1806 libcurl-minimal 0:7.61.1-12.el8  false }
CVE-2019-5482
    {18413 1806 curl 0:7.61.1-12.el8  false }
    {18414 1806 libcurl 0:7.61.1-12.el8  false }
    {18415 1806 libcurl-devel 0:7.61.1-12.el8  false }
    {18416 1806 libcurl-minimal 0:7.61.1-12.el8  false }
CVE-2020-8177
    {20196 1939 curl 0:7.61.1-14.el8  false }
    {20197 1939 libcurl 0:7.61.1-14.el8  false }
    {20198 1939 libcurl-devel 0:7.61.1-14.el8  false }
    {20199 1939 libcurl-minimal 0:7.61.1-14.el8  false }
CVE-2020-8231
    {22343 2082 curl 0:7.61.1-18.el8  false }
    {22344 2082 libcurl 0:7.61.1-18.el8  false }
    {22345 2082 libcurl-devel 0:7.61.1-18.el8  false }
    {22346 2082 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2020-8284
    {22343 2082 curl 0:7.61.1-18.el8  false }
    {22344 2082 libcurl 0:7.61.1-18.el8  false }
    {22345 2082 libcurl-devel 0:7.61.1-18.el8  false }
    {22346 2082 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2020-8285
    {22343 2082 curl 0:7.61.1-18.el8  false }
    {22344 2082 libcurl 0:7.61.1-18.el8  false }
    {22345 2082 libcurl-devel 0:7.61.1-18.el8  false }
    {22346 2082 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2020-8286
    {22343 2082 curl 0:7.61.1-18.el8  false }
    {22344 2082 libcurl 0:7.61.1-18.el8  false }
    {22345 2082 libcurl-devel 0:7.61.1-18.el8  false }
    {22346 2082 libcurl-minimal 0:7.61.1-18.el8  false }
CVE-2021-22922
    {24136 2213 curl 0:7.61.1-18.el8_4.1  false }
    {24137 2213 libcurl 0:7.61.1-18.el8_4.1  false }
    {24138 2213 libcurl-devel 0:7.61.1-18.el8_4.1  false }
    {24139 2213 libcurl-minimal 0:7.61.1-18.el8_4.1  false }
CVE-2021-22923
    {24136 2213 curl 0:7.61.1-18.el8_4.1  false }
    {24137 2213 libcurl 0:7.61.1-18.el8_4.1  false }
    {24138 2213 libcurl-devel 0:7.61.1-18.el8_4.1  false }
    {24139 2213 libcurl-minimal 0:7.61.1-18.el8_4.1  false }
CVE-2021-22924
    {24136 2213 curl 0:7.61.1-18.el8_4.1  false }
    {24137 2213 libcurl 0:7.61.1-18.el8_4.1  false }
    {24138 2213 libcurl-devel 0:7.61.1-18.el8_4.1  false }
    {24139 2213 libcurl-minimal 0:7.61.1-18.el8_4.1  false }
CVE-2021-22946
    {24307 2231 curl 0:7.61.1-18.el8_4.2  false }
    {24308 2231 libcurl 0:7.61.1-18.el8_4.2  false }
    {24309 2231 libcurl-devel 0:7.61.1-18.el8_4.2  false }
    {24310 2231 libcurl-minimal 0:7.61.1-18.el8_4.2  false }
CVE-2021-22947
    {24307 2231 curl 0:7.61.1-18.el8_4.2  false }
    {24308 2231 libcurl 0:7.61.1-18.el8_4.2  false }
    {24309 2231 libcurl-devel 0:7.61.1-18.el8_4.2  false }
    {24310 2231 libcurl-minimal 0:7.61.1-18.el8_4.2  false }
CVE-2021-22876
    {25514 2310 curl 0:7.61.1-22.el8  false }
    {25515 2310 libcurl 0:7.61.1-22.el8  false }
    {25516 2310 libcurl-devel 0:7.61.1-22.el8  false }
    {25517 2310 libcurl-minimal 0:7.61.1-22.el8  false }
CVE-2021-22898
    {25514 2310 curl 0:7.61.1-22.el8  false }
    {25515 2310 libcurl 0:7.61.1-22.el8  false }
    {25516 2310 libcurl-devel 0:7.61.1-22.el8  false }
    {25517 2310 libcurl-minimal 0:7.61.1-22.el8  false }
CVE-2021-22925
    {25514 2310 curl 0:7.61.1-22.el8  false }
    {25515 2310 libcurl 0:7.61.1-22.el8  false }
    {25516 2310 libcurl-devel 0:7.61.1-22.el8  false }
    {25517 2310 libcurl-minimal 0:7.61.1-22.el8  false }
------------------
[]models.Definition{
  models.Definition{
    ID:           0x6a0,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20193701",
    Title:        "RHSA-2019:3701: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)\n\n* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)\n\n* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)\n\n* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x6a0,
      DefinitionID: 0x6a0,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x1a52,
          AdvisoryID: 0x6a0,
          CveID:      "CVE-2018-16890",
          Cvss2:      "",
          Cvss3:      "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          Cwe:        "CWE-125->CWE-190",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2018-16890",
          Public:     "20190206",
        },
        models.Cve{
          ID:         0x1a53,
          AdvisoryID: 0x6a0,
          CveID:      "CVE-2018-20483",
          Cvss2:      "",
          Cvss3:      "5.5/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          Cwe:        "CWE-200",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2018-20483",
          Public:     "20181226",
        },
        models.Cve{
          ID:         0x1a54,
          AdvisoryID: 0x6a0,
          CveID:      "CVE-2019-3822",
          Cvss2:      "",
          Cvss3:      "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-121",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-3822",
          Public:     "20190206",
        },
        models.Cve{
          ID:         0x1a55,
          AdvisoryID: 0x6a0,
          CveID:      "CVE-2019-3823",
          Cvss2:      "",
          Cvss3:      "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          Cwe:        "CWE-125",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-3823",
          Public:     "20190206",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x1943,
          AdvisoryID: 0x6a0,
          BugzillaID: "1662705",
          URL:        "https://bugzilla.redhat.com/1662705",
          Title:      "CVE-2018-20483 wget: Information exposure in set_file_metadata function in xattr.c",
        },
        models.Bugzilla{
          ID:         0x1944,
          AdvisoryID: 0x6a0,
          BugzillaID: "1670252",
          URL:        "https://bugzilla.redhat.com/1670252",
          Title:      "CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read",
        },
        models.Bugzilla{
          ID:         0x1945,
          AdvisoryID: 0x6a0,
          BugzillaID: "1670254",
          URL:        "https://bugzilla.redhat.com/1670254",
          Title:      "CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow",
        },
        models.Bugzilla{
          ID:         0x1946,
          AdvisoryID: 0x6a0,
          BugzillaID: "1670256",
          URL:        "https://bugzilla.redhat.com/1670256",
          Title:      "CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x3151,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x3152,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x3153,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x3154,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x3155,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x3156,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x3157,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x3158,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x3159,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x315a,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x315b,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x315c,
          AdvisoryID: 0x6a0,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2019-11-05 00:00:00 UTC,
      Updated: 2019-11-05 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x41e6,
        DefinitionID:    0x6a0,
        Name:            "curl",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x41e7,
        DefinitionID:    0x6a0,
        Name:            "libcurl",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x41e8,
        DefinitionID:    0x6a0,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x41e9,
        DefinitionID:    0x6a0,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x20f1,
        DefinitionID: 0x6a0,
        Source:       "RHSA",
        RefID:        "RHSA-2019:3701",
        RefURL:       "https://access.redhat.com/errata/RHSA-2019:3701",
      },
      models.Reference{
        ID:           0x20f2,
        DefinitionID: 0x6a0,
        Source:       "CVE",
        RefID:        "CVE-2018-16890",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2018-16890",
      },
      models.Reference{
        ID:           0x20f3,
        DefinitionID: 0x6a0,
        Source:       "CVE",
        RefID:        "CVE-2018-20483",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2018-20483",
      },
      models.Reference{
        ID:           0x20f4,
        DefinitionID: 0x6a0,
        Source:       "CVE",
        RefID:        "CVE-2019-3822",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-3822",
      },
      models.Reference{
        ID:           0x20f5,
        DefinitionID: 0x6a0,
        Source:       "CVE",
        RefID:        "CVE-2019-3823",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-3823",
      },
    },
  },
  models.Definition{
    ID:           0x70e,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20201792",
    Title:        "RHSA-2020:1792: curl security update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: double free due to subsequent call of realloc() (CVE-2019-5481)\n\n* curl: heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)\n\n* curl: TFTP receive heap buffer overflow in tftp_receive_packet() function (CVE-2019-5436)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x70e,
      DefinitionID: 0x70e,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x1bf3,
          AdvisoryID: 0x70e,
          CveID:      "CVE-2019-5436",
          Cvss2:      "",
          Cvss3:      "7.0/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          Cwe:        "CWE-122",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-5436",
          Public:     "20190522",
        },
        models.Cve{
          ID:         0x1bf4,
          AdvisoryID: 0x70e,
          CveID:      "CVE-2019-5481",
          Cvss2:      "",
          Cvss3:      "5.7/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-416",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-5481",
          Public:     "20190911",
        },
        models.Cve{
          ID:         0x1bf5,
          AdvisoryID: 0x70e,
          CveID:      "CVE-2019-5482",
          Cvss2:      "",
          Cvss3:      "6.3/CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          Cwe:        "CWE-122",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-5482",
          Public:     "20190911",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x1ae4,
          AdvisoryID: 0x70e,
          BugzillaID: "1710620",
          URL:        "https://bugzilla.redhat.com/1710620",
          Title:      "CVE-2019-5436 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function",
        },
        models.Bugzilla{
          ID:         0x1ae5,
          AdvisoryID: 0x70e,
          BugzillaID: "1749402",
          URL:        "https://bugzilla.redhat.com/1749402",
          Title:      "CVE-2019-5481 curl: double free due to subsequent call of realloc()",
        },
        models.Bugzilla{
          ID:         0x1ae6,
          AdvisoryID: 0x70e,
          BugzillaID: "1749652",
          URL:        "https://bugzilla.redhat.com/1749652",
          Title:      "CVE-2019-5482 curl: heap buffer overflow in function tftp_receive_packet()",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x3679,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x367a,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x367b,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x367c,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x367d,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x367e,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x367f,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x3680,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x3681,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x3682,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x3683,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x3684,
          AdvisoryID: 0x70e,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2020-04-28 00:00:00 UTC,
      Updated: 2020-04-28 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x47ed,
        DefinitionID:    0x70e,
        Name:            "curl",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x47ee,
        DefinitionID:    0x70e,
        Name:            "libcurl",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x47ef,
        DefinitionID:    0x70e,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x47f0,
        DefinitionID:    0x70e,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-12.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x2300,
        DefinitionID: 0x70e,
        Source:       "RHSA",
        RefID:        "RHSA-2020:1792",
        RefURL:       "https://access.redhat.com/errata/RHSA-2020:1792",
      },
      models.Reference{
        ID:           0x2301,
        DefinitionID: 0x70e,
        Source:       "CVE",
        RefID:        "CVE-2019-5436",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-5436",
      },
      models.Reference{
        ID:           0x2302,
        DefinitionID: 0x70e,
        Source:       "CVE",
        RefID:        "CVE-2019-5481",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-5481",
      },
      models.Reference{
        ID:           0x2303,
        DefinitionID: 0x70e,
        Source:       "CVE",
        RefID:        "CVE-2019-5482",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-5482",
      },
    },
  },
  models.Definition{
    ID:           0x793,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20204599",
    Title:        "RHSA-2020:4599: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x793,
      DefinitionID: 0x793,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x1e30,
          AdvisoryID: 0x793,
          CveID:      "CVE-2020-8177",
          Cvss2:      "",
          Cvss3:      "5.4/CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:L",
          Cwe:        "",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8177",
          Public:     "20200624",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x1d21,
          AdvisoryID: 0x793,
          BugzillaID: "1847915",
          URL:        "https://bugzilla.redhat.com/1847915",
          Title:      "CVE-2020-8177 curl: Incorrect argument check can allow remote servers to overwrite local files",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x3cb5,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x3cb6,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x3cb7,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x3cb8,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x3cb9,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x3cba,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x3cbb,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x3cbc,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x3cbd,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x3cbe,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x3cbf,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x3cc0,
          AdvisoryID: 0x793,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2020-11-04 00:00:00 UTC,
      Updated: 2020-11-04 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x4ee4,
        DefinitionID:    0x793,
        Name:            "curl",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x4ee5,
        DefinitionID:    0x793,
        Name:            "libcurl",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x4ee6,
        DefinitionID:    0x793,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x4ee7,
        DefinitionID:    0x793,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-14.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x25c2,
        DefinitionID: 0x793,
        Source:       "RHSA",
        RefID:        "RHSA-2020:4599",
        RefURL:       "https://access.redhat.com/errata/RHSA-2020:4599",
      },
      models.Reference{
        ID:           0x25c3,
        DefinitionID: 0x793,
        Source:       "CVE",
        RefID:        "CVE-2020-8177",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8177",
      },
    },
  },
  models.Definition{
    ID:           0x822,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20211610",
    Title:        "RHSA-2021:1610: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: FTP PASV command response can cause curl to connect to arbitrary host (CVE-2020-8284)\n\n* curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used (CVE-2020-8285)\n\n* curl: Inferior OCSP verification (CVE-2020-8286)\n\n* curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set (CVE-2020-8231)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x822,
      DefinitionID: 0x822,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x2064,
          AdvisoryID: 0x822,
          CveID:      "CVE-2020-8231",
          Cvss2:      "",
          Cvss3:      "3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-822",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8231",
          Public:     "20200819",
        },
        models.Cve{
          ID:         0x2065,
          AdvisoryID: 0x822,
          CveID:      "CVE-2020-8284",
          Cvss2:      "",
          Cvss3:      "3.1/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-200",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8284",
          Public:     "20201209:0800",
        },
        models.Cve{
          ID:         0x2066,
          AdvisoryID: 0x822,
          CveID:      "CVE-2020-8285",
          Cvss2:      "",
          Cvss3:      "6.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-674->CWE-121",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8285",
          Public:     "20201209:0800",
        },
        models.Cve{
          ID:         0x2067,
          AdvisoryID: 0x822,
          CveID:      "CVE-2020-8286",
          Cvss2:      "",
          Cvss3:      "7.4/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          Cwe:        "CWE-295",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2020-8286",
          Public:     "20201209",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x1f55,
          AdvisoryID: 0x822,
          BugzillaID: "1868032",
          URL:        "https://bugzilla.redhat.com/1868032",
          Title:      "CVE-2020-8231 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set",
        },
        models.Bugzilla{
          ID:         0x1f56,
          AdvisoryID: 0x822,
          BugzillaID: "1902667",
          URL:        "https://bugzilla.redhat.com/1902667",
          Title:      "CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host",
        },
        models.Bugzilla{
          ID:         0x1f57,
          AdvisoryID: 0x822,
          BugzillaID: "1902687",
          URL:        "https://bugzilla.redhat.com/1902687",
          Title:      "CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used",
        },
        models.Bugzilla{
          ID:         0x1f58,
          AdvisoryID: 0x822,
          BugzillaID: "1906096",
          URL:        "https://bugzilla.redhat.com/1906096",
          Title:      "CVE-2020-8286 curl: Inferior OCSP verification",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x4369,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x436a,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x436b,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x436c,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x436d,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x436e,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x436f,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x4370,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x4371,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x4372,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x4373,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x4374,
          AdvisoryID: 0x822,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-05-18 00:00:00 UTC,
      Updated: 2021-05-18 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x5747,
        DefinitionID:    0x822,
        Name:            "curl",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5748,
        DefinitionID:    0x822,
        Name:            "libcurl",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5749,
        DefinitionID:    0x822,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x574a,
        DefinitionID:    0x822,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-18.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x2885,
        DefinitionID: 0x822,
        Source:       "RHSA",
        RefID:        "RHSA-2021:1610",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:1610",
      },
      models.Reference{
        ID:           0x2886,
        DefinitionID: 0x822,
        Source:       "CVE",
        RefID:        "CVE-2020-8231",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8231",
      },
      models.Reference{
        ID:           0x2887,
        DefinitionID: 0x822,
        Source:       "CVE",
        RefID:        "CVE-2020-8284",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8284",
      },
      models.Reference{
        ID:           0x2888,
        DefinitionID: 0x822,
        Source:       "CVE",
        RefID:        "CVE-2020-8285",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8285",
      },
      models.Reference{
        ID:           0x2889,
        DefinitionID: 0x822,
        Source:       "CVE",
        RefID:        "CVE-2020-8286",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2020-8286",
      },
    },
  },
  models.Definition{
    ID:           0x8a5,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20213582",
    Title:        "RHSA-2021:3582: curl security update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Content not matching hash in Metalink is not being discarded (CVE-2021-22922)\n\n* curl: Metalink download sends credentials (CVE-2021-22923)\n\n* curl: Bad connection reuse due to flawed path name checks (CVE-2021-22924)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
    Advisory:     models.Advisory{
      ID:           0x8a5,
      DefinitionID: 0x8a5,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x21d2,
          AdvisoryID: 0x8a5,
          CveID:      "CVE-2021-22922",
          Cvss2:      "",
          Cvss3:      "6.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          Cwe:        "CWE-20",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22922",
          Public:     "20210721:0600",
        },
        models.Cve{
          ID:         0x21d3,
          AdvisoryID: 0x8a5,
          CveID:      "CVE-2021-22923",
          Cvss2:      "",
          Cvss3:      "5.7/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
          Cwe:        "CWE-522",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22923",
          Public:     "20210721:0600",
        },
        models.Cve{
          ID:         0x21d4,
          AdvisoryID: 0x8a5,
          CveID:      "CVE-2021-22924",
          Cvss2:      "",
          Cvss3:      "3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-295",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22924",
          Public:     "20210721:0600",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x20c2,
          AdvisoryID: 0x8a5,
          BugzillaID: "1981435",
          URL:        "https://bugzilla.redhat.com/1981435",
          Title:      "CVE-2021-22922 curl: Content not matching hash in Metalink is not being discarded",
        },
        models.Bugzilla{
          ID:         0x20c3,
          AdvisoryID: 0x8a5,
          BugzillaID: "1981438",
          URL:        "https://bugzilla.redhat.com/1981438",
          Title:      "CVE-2021-22923 curl: Metalink download sends credentials",
        },
        models.Bugzilla{
          ID:         0x20c4,
          AdvisoryID: 0x8a5,
          BugzillaID: "1981460",
          URL:        "https://bugzilla.redhat.com/1981460",
          Title:      "CVE-2021-22924 curl: Bad connection reuse due to flawed path name checks",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x498d,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x498e,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x498f,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x4990,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x4991,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x4992,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x4993,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x4994,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x4995,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x4996,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x4997,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x4998,
          AdvisoryID: 0x8a5,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-09-21 00:00:00 UTC,
      Updated: 2021-09-21 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x5e48,
        DefinitionID:    0x8a5,
        Name:            "curl",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5e49,
        DefinitionID:    0x8a5,
        Name:            "libcurl",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5e4a,
        DefinitionID:    0x8a5,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5e4b,
        DefinitionID:    0x8a5,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-18.el8_4.1",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x2a76,
        DefinitionID: 0x8a5,
        Source:       "RHSA",
        RefID:        "RHSA-2021:3582",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:3582",
      },
      models.Reference{
        ID:           0x2a77,
        DefinitionID: 0x8a5,
        Source:       "CVE",
        RefID:        "CVE-2021-22922",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22922",
      },
      models.Reference{
        ID:           0x2a78,
        DefinitionID: 0x8a5,
        Source:       "CVE",
        RefID:        "CVE-2021-22923",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22923",
      },
      models.Reference{
        ID:           0x2a79,
        DefinitionID: 0x8a5,
        Source:       "CVE",
        RefID:        "CVE-2021-22924",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22924",
      },
    },
  },
  models.Definition{
    ID:           0x8b7,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20214059",
    Title:        "RHSA-2021:4059: curl security update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols (CVE-2021-22946)\n\n* curl: Server responses received before STARTTLS processed after TLS handshake (CVE-2021-22947)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
    Advisory:     models.Advisory{
      ID:           0x8b7,
      DefinitionID: 0x8b7,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x22ab,
          AdvisoryID: 0x8b7,
          CveID:      "CVE-2021-22946",
          Cvss2:      "",
          Cvss3:      "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          Cwe:        "CWE-319",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22946",
          Public:     "20210915",
        },
        models.Cve{
          ID:         0x22ac,
          AdvisoryID: 0x8b7,
          CveID:      "CVE-2021-22947",
          Cvss2:      "",
          Cvss3:      "6.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
          Cwe:        "CWE-319",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22947",
          Public:     "20210915",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x219b,
          AdvisoryID: 0x8b7,
          BugzillaID: "2003175",
          URL:        "https://bugzilla.redhat.com/2003175",
          Title:      "CVE-2021-22946 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols",
        },
        models.Bugzilla{
          ID:         0x219c,
          AdvisoryID: 0x8b7,
          BugzillaID: "2003191",
          URL:        "https://bugzilla.redhat.com/2003191",
          Title:      "CVE-2021-22947 curl: Server responses received before STARTTLS processed after TLS handshake",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x4a65,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x4a66,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x4a67,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x4a68,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x4a69,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x4a6a,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x4a6b,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x4a6c,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x4a6d,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x4a6e,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x4a6f,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x4a70,
          AdvisoryID: 0x8b7,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-11-02 00:00:00 UTC,
      Updated: 2021-11-02 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x5ef3,
        DefinitionID:    0x8b7,
        Name:            "curl",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5ef4,
        DefinitionID:    0x8b7,
        Name:            "libcurl",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5ef5,
        DefinitionID:    0x8b7,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x5ef6,
        DefinitionID:    0x8b7,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-18.el8_4.2",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x2b61,
        DefinitionID: 0x8b7,
        Source:       "RHSA",
        RefID:        "RHSA-2021:4059",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:4059",
      },
      models.Reference{
        ID:           0x2b62,
        DefinitionID: 0x8b7,
        Source:       "CVE",
        RefID:        "CVE-2021-22946",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22946",
      },
      models.Reference{
        ID:           0x2b63,
        DefinitionID: 0x8b7,
        Source:       "CVE",
        RefID:        "CVE-2021-22947",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22947",
      },
    },
  },
  models.Definition{
    ID:           0x906,
    RootID:       0x3,
    DefinitionID: "oval:com.redhat.rhsa:def:20214511",
    Title:        "RHSA-2021:4511: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876)\n\n* curl: TELNET stack contents disclosure (CVE-2021-22898)\n\n* curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure (CVE-2021-22925)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x906,
      DefinitionID: 0x906,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x2400,
          AdvisoryID: 0x906,
          CveID:      "CVE-2021-22876",
          Cvss2:      "",
          Cvss3:      "3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-200",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22876",
          Public:     "20210331",
        },
        models.Cve{
          ID:         0x2401,
          AdvisoryID: 0x906,
          CveID:      "CVE-2021-22898",
          Cvss2:      "",
          Cvss3:      "3.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-908",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22898",
          Public:     "20210526",
        },
        models.Cve{
          ID:         0x2402,
          AdvisoryID: 0x906,
          CveID:      "CVE-2021-22925",
          Cvss2:      "",
          Cvss3:      "3.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
          Cwe:        "CWE-908",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2021-22925",
          Public:     "20210721",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x22ed,
          AdvisoryID: 0x906,
          BugzillaID: "1941964",
          URL:        "https://bugzilla.redhat.com/1941964",
          Title:      "CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer",
        },
        models.Bugzilla{
          ID:         0x22ee,
          AdvisoryID: 0x906,
          BugzillaID: "1964887",
          URL:        "https://bugzilla.redhat.com/1964887",
          Title:      "CVE-2021-22898 curl: TELNET stack contents disclosure",
        },
        models.Bugzilla{
          ID:         0x22ef,
          AdvisoryID: 0x906,
          BugzillaID: "1970902",
          URL:        "https://bugzilla.redhat.com/1970902",
          Title:      "CVE-2021-22925 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x4e19,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x4e1a,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::appstream",
        },
        models.Cpe{
          ID:         0x4e1b,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::crb",
        },
        models.Cpe{
          ID:         0x4e1c,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::highavailability",
        },
        models.Cpe{
          ID:         0x4e1d,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::nfv",
        },
        models.Cpe{
          ID:         0x4e1e,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::realtime",
        },
        models.Cpe{
          ID:         0x4e1f,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::resilientstorage",
        },
        models.Cpe{
          ID:         0x4e20,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap",
        },
        models.Cpe{
          ID:         0x4e21,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::sap_hana",
        },
        models.Cpe{
          ID:         0x4e22,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/a:redhat:enterprise_linux:8::supplementary",
        },
        models.Cpe{
          ID:         0x4e23,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8",
        },
        models.Cpe{
          ID:         0x4e24,
          AdvisoryID: 0x906,
          Cpe:        "cpe:/o:redhat:enterprise_linux:8::baseos",
        },
      },
      Issued:  2021-11-09 00:00:00 UTC,
      Updated: 2021-11-09 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x63aa,
        DefinitionID:    0x906,
        Name:            "curl",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x63ab,
        DefinitionID:    0x906,
        Name:            "libcurl",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x63ac,
        DefinitionID:    0x906,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x63ad,
        DefinitionID:    0x906,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-22.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x2d05,
        DefinitionID: 0x906,
        Source:       "RHSA",
        RefID:        "RHSA-2021:4511",
        RefURL:       "https://access.redhat.com/errata/RHSA-2021:4511",
      },
      models.Reference{
        ID:           0x2d06,
        DefinitionID: 0x906,
        Source:       "CVE",
        RefID:        "CVE-2021-22876",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22876",
      },
      models.Reference{
        ID:           0x2d07,
        DefinitionID: 0x906,
        Source:       "CVE",
        RefID:        "CVE-2021-22898",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22898",
      },
      models.Reference{
        ID:           0x2d08,
        DefinitionID: 0x906,
        Source:       "CVE",
        RefID:        "CVE-2021-22925",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2021-22925",
      },
    },
  },
}

$ goval-dictionary select --by-package redhat 8.1-eus curl
CVE-2018-16890
    {2010 135 curl 0:7.61.1-11.el8  false }
    {2011 135 libcurl 0:7.61.1-11.el8  false }
    {2012 135 libcurl-devel 0:7.61.1-11.el8  false }
    {2013 135 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2018-20483
    {2010 135 curl 0:7.61.1-11.el8  false }
    {2011 135 libcurl 0:7.61.1-11.el8  false }
    {2012 135 libcurl-devel 0:7.61.1-11.el8  false }
    {2013 135 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-3822
    {2010 135 curl 0:7.61.1-11.el8  false }
    {2011 135 libcurl 0:7.61.1-11.el8  false }
    {2012 135 libcurl-devel 0:7.61.1-11.el8  false }
    {2013 135 libcurl-minimal 0:7.61.1-11.el8  false }
CVE-2019-3823
    {2010 135 curl 0:7.61.1-11.el8  false }
    {2011 135 libcurl 0:7.61.1-11.el8  false }
    {2012 135 libcurl-devel 0:7.61.1-11.el8  false }
    {2013 135 libcurl-minimal 0:7.61.1-11.el8  false }
------------------
[]models.Definition{
  models.Definition{
    ID:           0x87,
    RootID:       0x1,
    DefinitionID: "oval:com.redhat.rhsa:def:20193701",
    Title:        "RHSA-2019:3701: curl security and bug fix update (Moderate)",
    Description:  "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.\n\nSecurity Fix(es):\n\n* curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890)\n\n* wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483)\n\n* curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)\n\n* curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.",
    Advisory:     models.Advisory{
      ID:           0x87,
      DefinitionID: 0x87,
      Severity:     "Moderate",
      Cves:         []models.Cve{
        models.Cve{
          ID:         0x288,
          AdvisoryID: 0x87,
          CveID:      "CVE-2018-16890",
          Cvss2:      "",
          Cvss3:      "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          Cwe:        "CWE-125->CWE-190",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2018-16890",
          Public:     "20190206",
        },
        models.Cve{
          ID:         0x289,
          AdvisoryID: 0x87,
          CveID:      "CVE-2018-20483",
          Cvss2:      "",
          Cvss3:      "5.5/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          Cwe:        "CWE-200",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2018-20483",
          Public:     "20181226",
        },
        models.Cve{
          ID:         0x28a,
          AdvisoryID: 0x87,
          CveID:      "CVE-2019-3822",
          Cvss2:      "",
          Cvss3:      "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
          Cwe:        "CWE-121",
          Impact:     "moderate",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-3822",
          Public:     "20190206",
        },
        models.Cve{
          ID:         0x28b,
          AdvisoryID: 0x87,
          CveID:      "CVE-2019-3823",
          Cvss2:      "",
          Cvss3:      "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          Cwe:        "CWE-125",
          Impact:     "low",
          Href:       "https://access.redhat.com/security/cve/CVE-2019-3823",
          Public:     "20190206",
        },
      },
      Bugzillas: []models.Bugzilla{
        models.Bugzilla{
          ID:         0x288,
          AdvisoryID: 0x87,
          BugzillaID: "1662705",
          URL:        "https://bugzilla.redhat.com/1662705",
          Title:      "CVE-2018-20483 wget: Information exposure in set_file_metadata function in xattr.c",
        },
        models.Bugzilla{
          ID:         0x289,
          AdvisoryID: 0x87,
          BugzillaID: "1670252",
          URL:        "https://bugzilla.redhat.com/1670252",
          Title:      "CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read",
        },
        models.Bugzilla{
          ID:         0x28a,
          AdvisoryID: 0x87,
          BugzillaID: "1670254",
          URL:        "https://bugzilla.redhat.com/1670254",
          Title:      "CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow",
        },
        models.Bugzilla{
          ID:         0x28b,
          AdvisoryID: 0x87,
          BugzillaID: "1670256",
          URL:        "https://bugzilla.redhat.com/1670256",
          Title:      "CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read",
        },
      },
      AffectedCPEList: []models.Cpe{
        models.Cpe{
          ID:         0x53d,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1",
        },
        models.Cpe{
          ID:         0x53e,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::appstream",
        },
        models.Cpe{
          ID:         0x53f,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::crb",
        },
        models.Cpe{
          ID:         0x540,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::highavailability",
        },
        models.Cpe{
          ID:         0x541,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::resilientstorage",
        },
        models.Cpe{
          ID:         0x542,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::sap",
        },
        models.Cpe{
          ID:         0x543,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::sap_hana",
        },
        models.Cpe{
          ID:         0x544,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/a:redhat:rhel_eus:8.1::supplementary",
        },
        models.Cpe{
          ID:         0x545,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/o:redhat:rhel_eus:8.1",
        },
        models.Cpe{
          ID:         0x546,
          AdvisoryID: 0x87,
          Cpe:        "cpe:/o:redhat:rhel_eus:8.1::baseos",
        },
      },
      Issued:  2019-11-05 00:00:00 UTC,
      Updated: 2019-11-05 00:00:00 UTC,
    },
    Debian:        (*models.Debian)(nil),
    AffectedPacks: []models.Package{
      models.Package{
        ID:              0x7da,
        DefinitionID:    0x87,
        Name:            "curl",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x7db,
        DefinitionID:    0x87,
        Name:            "libcurl",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x7dc,
        DefinitionID:    0x87,
        Name:            "libcurl-devel",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
      models.Package{
        ID:              0x7dd,
        DefinitionID:    0x87,
        Name:            "libcurl-minimal",
        Version:         "0:7.61.1-11.el8",
        Arch:            "",
        NotFixedYet:     false,
        ModularityLabel: "",
      },
    },
    References: []models.Reference{
      models.Reference{
        ID:           0x30e,
        DefinitionID: 0x87,
        Source:       "RHSA",
        RefID:        "RHSA-2019:3701",
        RefURL:       "https://access.redhat.com/errata/RHSA-2019:3701",
      },
      models.Reference{
        ID:           0x30f,
        DefinitionID: 0x87,
        Source:       "CVE",
        RefID:        "CVE-2018-16890",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2018-16890",
      },
      models.Reference{
        ID:           0x310,
        DefinitionID: 0x87,
        Source:       "CVE",
        RefID:        "CVE-2018-20483",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2018-20483",
      },
      models.Reference{
        ID:           0x311,
        DefinitionID: 0x87,
        Source:       "CVE",
        RefID:        "CVE-2019-3822",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-3822",
      },
      models.Reference{
        ID:           0x312,
        DefinitionID: 0x87,
        Source:       "CVE",
        RefID:        "CVE-2019-3823",
        RefURL:       "https://access.redhat.com/security/cve/CVE-2019-3823",
      },
    },
  },
}

diff test

$ make clean-integration && make build-integration
$ make fetch-rdb && make fetch-redis
$ make diff-server-rdb-redis

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@maxenced

maxenced commented Jun 10, 2021

Just tested this; fetching OVAL v2 works as expected, but we are using server mode, and I'm not sure it works at all with it.

On the same database, using goval-dictionary select -dbtype=redis -dbpath=redis://10.212.226.19:6379/2 -by-cveid redhat 8.2-eus CVE-2021-3156 gives a different result than using just version 8. However, using server mode (and so through api), both https://oval.xxx.net/packs/redhat/8.2-eus/sudo and https://oval.xxx.net/packs/redhat/8/sudo give the same result.

Also, not sure how it is expected to work with vulsio, as release only contains 8.2, for example.

@MaineK00n MaineK00n self-assigned this Jul 15, 2021
@MaineK00n MaineK00n marked this pull request as ready for review July 24, 2021 20:01
@maxenced

Hi @MaineK00n, how is this PR going? Need any more tests?

@MaineK00n
Collaborator Author

> Hi @MaineK00n, how is this PR going? Need any more tests?

Sorry for the slow progress...
I will be working on OVALv2 after this PR.
#153

@MaineK00n MaineK00n changed the base branch from master to MaineK00n/refactor-rdb September 15, 2021 19:20
@MaineK00n MaineK00n deleted the branch vulsio:master September 16, 2021 09:46
@MaineK00n MaineK00n closed this Sep 16, 2021
@MaineK00n MaineK00n reopened this Sep 16, 2021
@MaineK00n MaineK00n changed the base branch from MaineK00n/refactor-rdb to master September 16, 2021 13:09
@MaineK00n MaineK00n force-pushed the support-rhel-ovalv2 branch 3 times, most recently from 8a0ddb4 to cf7889e Compare February 2, 2022 01:51
@MaineK00n MaineK00n changed the title [WIP] Support RHEL OVALv2 Support RHEL OVALv2 Feb 2, 2022
@MaineK00n MaineK00n force-pushed the support-rhel-ovalv2 branch 2 times, most recently from 14acfc1 to 623b034 Compare February 2, 2022 06:49
@MaineK00n MaineK00n marked this pull request as draft February 8, 2022 15:07
@MaineK00n MaineK00n force-pushed the support-rhel-ovalv2 branch 3 times, most recently from 80e1ab8 to ad640b7 Compare February 11, 2022 15:55
@MaineK00n MaineK00n marked this pull request as ready for review February 11, 2022 15:57
@MaineK00n MaineK00n force-pushed the support-rhel-ovalv2 branch 2 times, most recently from 4ab3e72 to 68c9bbf Compare February 15, 2022 20:35