[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2017:3048-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":97,"epss":9,"epss_history":98,"metrics":99,"affected":100},"SUSE-SU-2017:3048-1","Security update for file\n\n\n\nThe GNU file utility was updated to version 5.22.\n\nSecurity issues fixed:\n\n- CVE-2014-9621: The ELF parser in file allowed remote attackers to cause a denial of service via a long string. (bsc#913650)\n- CVE-2014-9620: The ELF parser in file allowed remote attackers to cause a denial of service via a large number of notes. (bsc#913651)\n- CVE-2014-9653: readelf.c in file did not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. (bsc#917152)\n- CVE-2014-8116: The ELF parser (readelf.c) in file allowed remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. (bsc#910253)\n- CVE-2014-8117: softmagic.c in file did not properly limit recursion, which allowed remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. (bsc#910253)\n\nVersion update to file version 5.22\n\n* add indirect relative for TIFF/Exif\n* restructure elf note printing to avoid repeated messages\n* add note limit, suggested by Alexander Cherepanov\n* Bail out on partial pread()'s (Alexander Cherepanov)\n* Fix incorrect bounds check in file_printable (Alexander Cherepanov)\n* PR/405: ignore SIGPIPE from uncompress programs\n* change printable -> file_printable and use it in more places for safety\n* in ELF, instead of '(uses dynamic libraries)' when PT_INTERP is present print the interpreter name.\n\nVersion update to file version 5.21\n\n* there was an incorrect free in magic_load_buffers()\n* there was an out of bounds read for some pascal strings\n* there was a memory leak in magic lists\n* don't interpret strings printed from files using the current\n  locale, convert them to ascii format first.\n* there was an out of bounds read in elf note reads\n\nUpdate to file version 5.20\n\n* recognize encrypted CDF documents\n* add magic_load_buffers from Brooks Davis\n* add thumbs.db support\n\nAdditional non-security bug fixes:\n\n* Fixed a memory corruption during rpmbuild (bsc#1063269)\n* Backport of a fix for an increased printable string length as found in file 5.30 (bsc#996511)\n* file command throws 'Composite Document File V2 Document, corrupt: Can't read SSAT' error against excel 97/2003 file format. (bsc#1009966)\n\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2014-8116",{"_key":17},"CVE-2014-8117",{"_key":19},"CVE-2014-9620",{"_key":21},"CVE-2014-9621",{"_key":23},"CVE-2014-9653",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2017-11-22T15:30:27Z","2026-02-04T03:05:51.554591Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,48,52,56,60,64,68,72,76,81,85,89,93],{"url":38,"sources":39,"tags":41},"https://www.suse.com/support/update/announcement/2017/suse-su-20173048-1/",[40],"osv_suse",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1009966",[40],[47],"REPORT",{"url":49,"sources":50,"tags":51},"https://bugzilla.suse.com/1063269",[40],[47],{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/910252",[40],[47],{"url":57,"sources":58,"tags":59},"https://bugzilla.suse.com/910253",[40],[47],{"url":61,"sources":62,"tags":63},"https://bugzilla.suse.com/913650",[40],[47],{"url":65,"sources":66,"tags":67},"https://bugzilla.suse.com/913651",[40],[47],{"url":69,"sources":70,"tags":71},"https://bugzilla.suse.com/917152",[40],[47],{"url":73,"sources":74,"tags":75},"https://bugzilla.suse.com/996511",[40],[47],{"url":77,"sources":78,"tags":79},"https://www.suse.com/security/cve/CVE-2014-8116",[40],[80],"WEB",{"url":82,"sources":83,"tags":84},"https://www.suse.com/security/cve/CVE-2014-8117",[40],[80],{"url":86,"sources":87,"tags":88},"https://www.suse.com/security/cve/CVE-2014-9620",[40],[80],{"url":90,"sources":91,"tags":92},"https://www.suse.com/security/cve/CVE-2014-9621",[40],[80],{"url":94,"sources":95,"tags":96},"https://www.suse.com/security/cve/CVE-2014-9653",[40],[80],[],[],[],[101,114,118,122,126,130,134,138,142,146,151],{"ecosystem":102,"name":103,"vendor":104,"product":105,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":105,"source":9,"versions":107},"SUSE Linux Enterprise","file","suse","file&distro=SUSE Linux Enterprise Desktop 12 SP2","rpm",[108],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},"lt5_22_10_3_1",true,"ecosystem","5.22-10.3.1","excluding",{"ecosystem":102,"name":103,"vendor":104,"product":115,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":115,"source":9,"versions":116},"file&distro=SUSE Linux Enterprise Desktop 12 SP3",[117],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":103,"vendor":104,"product":119,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":119,"source":9,"versions":120},"file&distro=SUSE Linux Enterprise Server 12 SP2",[121],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":103,"vendor":104,"product":123,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":123,"source":9,"versions":124},"file&distro=SUSE Linux Enterprise Server 12 SP3",[125],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":103,"vendor":104,"product":127,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":127,"source":9,"versions":128},"file&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",[129],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":103,"vendor":104,"product":131,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":131,"source":9,"versions":132},"file&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2",[133],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":103,"vendor":104,"product":135,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":135,"source":9,"versions":136},"file&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3",[137],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":103,"vendor":104,"product":139,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":139,"source":9,"versions":140},"file&distro=SUSE Linux Enterprise Software Development Kit 12 SP2",[141],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":103,"vendor":104,"product":143,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":143,"source":9,"versions":144},"file&distro=SUSE Linux Enterprise Software Development Kit 12 SP3",[145],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":147,"vendor":104,"product":148,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":148,"source":9,"versions":149},"python-magic","python-magic&distro=SUSE Linux Enterprise Software Development Kit 12 SP2",[150],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":102,"name":147,"vendor":104,"product":152,"cpe_part":9,"purl_type":106,"purl_namespace":104,"purl_name":152,"source":9,"versions":153},"python-magic&distro=SUSE Linux Enterprise Software Development Kit 12 SP3",[154],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9}]