[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2016:0304-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":100,"epss":9,"epss_history":101,"metrics":102,"affected":103},"SUSE-SU-2016:0304-1","Security update for libvirt\n\nlibvirt was updated to fix one security issue and several non-security issues.\n\nThis security issue was fixed:\n\n- CVE-2015-0236: libvirt allowed remote authenticated users to obtain the VNC\n  password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot\n  to the virDomainSnapshotGetXMLDesc interface or (2) image to the\n  virDomainSaveImageGetXMLDesc interface. (bsc#914693)\n- CVE-2015-5313: path traversal vulnerability allowed libvirtd process to write arbitrary files into file system using root permissions (bsc#953110)\n\nTheses non-security issues were fixed:\n\n- bsc#948686: Use PAUSED state for domains that are starting up.\n- bsc#903757: Provide nodeGetSecurityModel implementation in libxl.\n- bsc#938228: Set disk type to BLOCK when driver is not tap or file.\n- bsc#948516: Fix profile_status to distinguish between errors and unconfined domains.\n- bsc#936524: Fix error starting lxc containers with direct interfaces.\n- bsc#921555: Fixed apparmor generated profile for PCI hostdevs.\n- bsc#899334: Include additional upstream fixes for systemd TerminateMachine.\n- bsc#921586: Fix security driver default settings in /etc/libvirt/qemu.conf.\n- bsc#921355: Fixed a number of QEMU apparmor abstraction problems.\n- bsc#911737: Additional fix for the case where security labels aren't automatically set.\n- bsc#914297: Allow setting the URL of an SMT server to use in place of SCC.\n- bsc#904432: Backported route definition changes.\n",null,[],[],[],[14,16],{"_key":15},"CVE-2015-0236",{"_key":17},"CVE-2015-5313",[],[],[21,22],{"_key":15},{"_key":17},"2016-02-01T15:46:51Z","2026-02-04T03:14:20.313542Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43,47,51,55,59,63,67,71,75,79,83,87,91,96],{"url":29,"sources":30,"tags":32},"https://www.suse.com/support/update/announcement/2016/suse-su-20160304-1/",[31],"osv_suse",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/899334",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.suse.com/903757",[31],[38],{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/904432",[31],[38],{"url":48,"sources":49,"tags":50},"https://bugzilla.suse.com/911737",[31],[38],{"url":52,"sources":53,"tags":54},"https://bugzilla.suse.com/914297",[31],[38],{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/914693",[31],[38],{"url":60,"sources":61,"tags":62},"https://bugzilla.suse.com/921355",[31],[38],{"url":64,"sources":65,"tags":66},"https://bugzilla.suse.com/921555",[31],[38],{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/921586",[31],[38],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/936524",[31],[38],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/938228",[31],[38],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/948516",[31],[38],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/948686",[31],[38],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/953110",[31],[38],{"url":92,"sources":93,"tags":94},"https://www.suse.com/security/cve/CVE-2015-0236",[31],[95],"WEB",{"url":97,"sources":98,"tags":99},"https://www.suse.com/security/cve/CVE-2015-5313",[31],[95],[],[],[],[104,117,121,125,129],{"ecosystem":105,"name":106,"vendor":107,"product":108,"cpe_part":9,"purl_type":109,"purl_namespace":107,"purl_name":108,"source":9,"versions":110},"SUSE Linux Enterprise","libvirt","suse","libvirt&distro=SUSE Linux Enterprise Desktop 12","rpm",[111],{"version":112,"is_range":113,"range_type":114,"version_start":9,"version_start_type":9,"version_end":115,"version_end_type":116,"fixed_in":9},"lt1_2_5_27_10_1",true,"ecosystem","1.2.5-27.10.1","excluding",{"ecosystem":105,"name":106,"vendor":107,"product":118,"cpe_part":9,"purl_type":109,"purl_namespace":107,"purl_name":118,"source":9,"versions":119},"libvirt&distro=SUSE Linux Enterprise Server 12",[120],{"version":112,"is_range":113,"range_type":114,"version_start":9,"version_start_type":9,"version_end":115,"version_end_type":116,"fixed_in":9},{"ecosystem":105,"name":106,"vendor":107,"product":122,"cpe_part":9,"purl_type":109,"purl_namespace":107,"purl_name":122,"source":9,"versions":123},"libvirt&distro=SUSE Linux Enterprise Server for SAP Applications 12",[124],{"version":112,"is_range":113,"range_type":114,"version_start":9,"version_start_type":9,"version_end":115,"version_end_type":116,"fixed_in":9},{"ecosystem":105,"name":106,"vendor":107,"product":126,"cpe_part":9,"purl_type":109,"purl_namespace":107,"purl_name":126,"source":9,"versions":127},"libvirt&distro=SUSE Linux Enterprise Software Development Kit 12",[128],{"version":112,"is_range":113,"range_type":114,"version_start":9,"version_start_type":9,"version_end":115,"version_end_type":116,"fixed_in":9},{"ecosystem":105,"name":106,"vendor":107,"product":130,"cpe_part":9,"purl_type":109,"purl_namespace":107,"purl_name":130,"source":9,"versions":131},"libvirt&distro=SUSE Linux Enterprise Workstation Extension 12",[132],{"version":112,"is_range":113,"range_type":114,"version_start":9,"version_start_type":9,"version_end":115,"version_end_type":116,"fixed_in":9}]