Test ID:	1.3.6.1.4.1.25623.1.1.12.2021.4852.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-4852-1)
Summary:	The remote host is missing an update for the 'vtk' package(s) announced via the USN-4852-1 advisory.
Description:	Summary: The remote host is missing an update for the 'vtk' package(s) announced via the USN-4852-1 advisory. Vulnerability Insight: It was discovered that VTK incorrectly handled certain XML files in the embedded Expat library. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Affected Software/OS: 'vtk' package(s) on Ubuntu 14.04, Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-20843 Bugtraq: 20190628 [SECURITY] [DSA 4472-1] expat security update (Google Search) https://seclists.org/bugtraq/2019/Jun/39 https://security.netapp.com/advisory/ntap-20190703-0001/ https://support.f5.com/csp/article/K51011533 https://www.tenable.com/security/tns-2021-11 Debian Security Information: DSA-4472 (Google Search) https://www.debian.org/security/2019/dsa-4472 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/ https://security.gentoo.org/glsa/201911-08 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226 https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes https://github.com/libexpat/libexpat/issues/186 https://github.com/libexpat/libexpat/pull/262 https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/security-alerts/cpuoct2021.html https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html SuSE Security Announcement: openSUSE-SU-2019:1777 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html https://usn.ubuntu.com/4040-1/ https://usn.ubuntu.com/4040-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-15903 Bugtraq: 20190917 [slackware-security] expat (SSA:2019-259-01) (Google Search) https://seclists.org/bugtraq/2019/Sep/30 Bugtraq: 20190923 [SECURITY] [DSA 4530-1] expat security update (Google Search) https://seclists.org/bugtraq/2019/Sep/37 Bugtraq: 20191021 [slackware-security] python (SSA:2019-293-01) (Google Search) https://seclists.org/bugtraq/2019/Oct/29 Bugtraq: 20191101 [SECURITY] [DSA 4549-1] firefox-esr security update (Google Search) https://seclists.org/bugtraq/2019/Nov/1 Bugtraq: 20191118 [SECURITY] [DSA 4571-1] thunderbird security update (Google Search) https://seclists.org/bugtraq/2019/Nov/24 Bugtraq: 20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra (Google Search) https://seclists.org/bugtraq/2019/Dec/23 Bugtraq: 20191211 APPLE-SA-2019-12-10-5 tvOS 13.3 (Google Search) https://seclists.org/bugtraq/2019/Dec/21 Bugtraq: 20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1 (Google Search) https://seclists.org/bugtraq/2019/Dec/17 https://github.com/libexpat/libexpat/issues/342 https://security.netapp.com/advisory/ntap-20190926-0004/ https://support.apple.com/kb/HT210785 https://support.apple.com/kb/HT210788 https://support.apple.com/kb/HT210789 https://support.apple.com/kb/HT210790 https://support.apple.com/kb/HT210793 https://support.apple.com/kb/HT210794 https://support.apple.com/kb/HT210795 Debian Security Information: DSA-4530 (Google Search) https://www.debian.org/security/2019/dsa-4530 Debian Security Information: DSA-4549 (Google Search) https://www.debian.org/security/2019/dsa-4549 Debian Security Information: DSA-4571 (Google Search) https://www.debian.org/security/2019/dsa-4571 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/ http://seclists.org/fulldisclosure/2019/Dec/23 http://seclists.org/fulldisclosure/2019/Dec/26 http://seclists.org/fulldisclosure/2019/Dec/27 http://seclists.org/fulldisclosure/2019/Dec/30 http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43 https://github.com/libexpat/libexpat/issues/317 https://github.com/libexpat/libexpat/pull/318 https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html RedHat Security Advisories: RHSA-2019:3210 https://access.redhat.com/errata/RHSA-2019:3210 RedHat Security Advisories: RHSA-2019:3237 https://access.redhat.com/errata/RHSA-2019:3237 RedHat Security Advisories: RHSA-2019:3756 https://access.redhat.com/errata/RHSA-2019:3756 SuSE Security Announcement: openSUSE-SU-2019:2204 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html SuSE Security Announcement: openSUSE-SU-2019:2205 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html SuSE Security Announcement: openSUSE-SU-2019:2420 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html SuSE Security Announcement: openSUSE-SU-2019:2424 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html SuSE Security Announcement: openSUSE-SU-2019:2425 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html SuSE Security Announcement: openSUSE-SU-2019:2447 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html SuSE Security Announcement: openSUSE-SU-2019:2451 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html SuSE Security Announcement: openSUSE-SU-2019:2452 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html SuSE Security Announcement: openSUSE-SU-2019:2459 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html SuSE Security Announcement: openSUSE-SU-2019:2464 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html SuSE Security Announcement: openSUSE-SU-2020:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html https://usn.ubuntu.com/4132-1/ https://usn.ubuntu.com/4132-2/ https://usn.ubuntu.com/4165-1/ https://usn.ubuntu.com/4202-1/ https://usn.ubuntu.com/4335-1/
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.