2.6
CVSSv2

CVE-2013-0169

Published: 08/02/2013 Updated: 09/10/2019
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 245
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Summary

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote malicious users to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl

oracle openjdk 1.8.0

oracle openjdk 1.6.0

oracle openjdk 1.7.0

oracle openjdk -

polarssl polarssl 0.10.0

polarssl polarssl 0.99

polarssl polarssl 0.10.1

polarssl polarssl 1.1.0

polarssl polarssl 0.12.0

polarssl polarssl 0.11.1

polarssl polarssl 0.11.0

polarssl polarssl 1.1.4

polarssl polarssl 1.1.3

polarssl polarssl 0.14.0

polarssl polarssl 0.14.2

polarssl polarssl 0.12.1

polarssl polarssl 1.1.2

polarssl polarssl 1.0.0

polarssl polarssl 0.13.1

polarssl polarssl 0.14.3

polarssl polarssl 1.1.1

Vendor Advisories

Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact ...
Synopsis Critical: java-160-openjdk security update Type/Severity Security Advisory: Critical Topic Updated java-160-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact C ...
Synopsis Moderate: openssl security update Type/Severity Security Advisory: Moderate Topic Updated openssl packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulne ...
Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix three security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalsecu ...
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-170-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as havingimportant secur ...
Synopsis Important: rhev-hypervisor6 security and bug fix update Type/Severity Security Advisory: Important Topic An updated rhev-hypervisor6 package that fixes several security issues andvarious bugs is now availableThe Red Hat Security Response Team has rated this update as havingimportant security impac ...
Debian Bug report logs - #699886 TLS timing attack in yaSSL (Lucky 13) Package: mysql-55; Maintainer for mysql-55 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Wed, 6 Feb 2013 10:51:01 UTC Severity: serious Tags: patch, pending, securit ...
Debian Bug report logs - #699885 TLS timing attack in bouncycastle (Lucky 13) Package: bouncycastle; Maintainer for bouncycastle is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Wed, 6 Feb 2013 10:48:02 UTC Severity: serious Tags: securi ...
Synopsis Critical: java-170-oracle security update Type/Severity Security Advisory: Critical Topic Updated java-170-oracle packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having crit ...
Several security issues were fixed in OpenSSL ...
USN-1732-1 introduced a regression in OpenSSL ...
Debian Bug report logs - #699887 TLS timing attack in polarssl (Lucky 13) Package: polarssl; Maintainer for polarssl is Roland Stigge <stigge@antcomde>; Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Wed, 6 Feb 2013 10:51:04 UTC Severity: serious Tags: security Fixed in versions polarssl/125-1, polarssl/1 ...
Multiple vulnerabilities have been found in OpenSSL The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-0166 OpenSSL does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key CVE-2013-0169 A timing side ...
Debian Bug report logs - #699888 TLS timing attack in nss (Lucky 13) Package: nss; Maintainer for nss is Maintainers of Mozilla-related packages <team+pkg-mozilla@trackerdebianorg>; Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Wed, 6 Feb 2013 10:54:02 UTC Severity: serious Tags: security Fixed in version ...
Debian Bug report logs - #699889 several issues in Security Advisory 5 Feb 2013 Package: openssl; Maintainer for openssl is Debian OpenSSL Team <pkg-openssl-devel@listsaliothdebianorg>; Source for openssl is src:openssl (PTS, buildd, popcon) Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Wed, 6 Feb 2013 11 ...
Multiple vulnerabilities have been found in PolarSSL The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-0169 A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packages, known as the Lucky Thirteen is ...
Several security issues were fixed in OpenSSL ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # SSA-556833: TLS Vulnerabilities in SIMATIC RF6XXR Publication Date: 2019-07-09 Last Update: 2019-07-09 Current Version: 10 CVSS v30 Base Score: 59 SUMMARY ======= The latest update for SIMATIC RF6XXR fixes multiple vulnerabilities related to outdated TLS versions ...
The TLS protocol 11 and 12 and the DTLS protocol 10 and 12, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via ...
Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2013-1486, CVE-2013-1484) An improper permission check issue was discovered in the Libraries component in OpenJDK An untrusted Java applica ...
An improper permission check issue was discovered in the JMX component in OpenJDK An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used A remot ...
Several security issues were fixed in OpenJDK ...
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle (CVE-2013-0169) A NULL pointer dereference ...
Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...
<!-- Start - Changes for Security Advisory Channel --> Security Advisory ID SYMSA1363 Initial Publication Date: Advisory Status: Advisory Severity: CVSS Base Score: Legacy ID 9 May 2016 Open High CVSS v2: 100 SA123 ...
Support My AccountForcepoint Support Site Guest User (Logout)Community My Account Visitor(login)Community CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilities Article Number: 000008702 Produ ...
Synopsis Moderate: OpenShift Container Platform 461 image security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...
Table of Contents• Description • Products and Components Affected • Mitigate with Upgrades • Credit • Vulnerability Descriptions and Rating • Reflected XSS in Splunk Web (SPL-59895, CVE-2012-6447) • Unquoted Service Path in Windows for Universal Forwarder (SPL-60250, CVE-2013-6773) • Plaintext Recovery Attack and DoS in OpenSSL 09 ...
Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 55The Red Hat Security Response Team has rated this update as ha ...
Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 54The Red Hat Security Response Team has rated this update as ha ...

Github Repositories

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

security-scripts A collection of security related Python and Bash shell scripts, mainly revolving around testing hosts for security vulnerabilities For the shell scripts no fancy programming framework is required, all that is needed is a Bash shell Note that it is highly recommended to use analyze_hostspy as it is the most recent version No new features will be added to the

metls

tlslite-ng version 080-alpha21 (2018-12-10) Table of Contents Introduction License/Acknowledgements Installation Getting Started with the Command-Line Tools Getting Started with the Library Using tlslite-ng with httplib Using tlslite-ng with poplib or imaplib Using tlslite-ng with smtplib Using tlslite-ng with SocketServer Using tlslite-ng with asyncore SECURITY CONSIDE

https://github.com/tomato42/tlslite-ng.git

tlslite-ng version 080-alpha38 (2020-06-17) Table of Contents Introduction License/Acknowledgements Installation Getting Started with the Command-Line Tools Getting Started with the Library Using tlslite-ng with httplib Using tlslite-ng with poplib or imaplib Using tlslite-ng with smtplib Using tlslite-ng with SocketServer Using tlslite-ng with asyncore History 1 Intro

tlslite-ng version 080-alpha38 (2020-06-17) Table of Contents Introduction License/Acknowledgements Installation Getting Started with the Command-Line Tools Getting Started with the Library Using tlslite-ng with httplib Using tlslite-ng with poplib or imaplib Using tlslite-ng with smtplib Using tlslite-ng with SocketServer Using tlslite-ng with asyncore History 1 Intro

New home of the TLS implementation in pure python

tlslite-ng version 080-alpha38 (2020-06-17) Table of Contents Introduction License/Acknowledgements Installation Getting Started with the Command-Line Tools Getting Started with the Library Using tlslite-ng with httplib Using tlslite-ng with poplib or imaplib Using tlslite-ng with smtplib Using tlslite-ng with SocketServer Using tlslite-ng with asyncore History 1 Intro

TLS implementation in pure python, focused on interoperability testing

tlslite-ng version 080-alpha38 (2020-06-17) Table of Contents Introduction License/Acknowledgements Installation Getting Started with the Command-Line Tools Getting Started with the Library Using tlslite-ng with httplib Using tlslite-ng with poplib or imaplib Using tlslite-ng with smtplib Using tlslite-ng with SocketServer Using tlslite-ng with asyncore History 1 Intro

Домашнее задание к занятию "39 Элементы безопасности информационных систем" - yakovlev_vs 1 Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Решение Bitwarden плагин устано

39_1 1,2 Зарегистрировался в BitWarden, подключил Google Authenticator 3 Сгенерировал самоподписанный сертификат, настроил apache2 4 Проверил сайт bioreformedru pashi@pashi-ub2004-test:/etc/apache2/conf-enabled/testsslsh$ /testsslsh -U --sneaky bioreformedru ####################

Домашнее задание к занятию "39 Элементы безопасности информационных систем" 1 Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Решение: 2 Установите Google authenticator н

Домашнее задание к занятию "39 Элементы безопасности информационных систем" Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Ответ: Установил, зарегистрировался

Репозиторий для домашних заданий по курсу DevOps 39 ДЗ 39 Элементы безопасности информационных систем Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Ответ: Установите Go

"39 Элементы безопасности информационных систем" 1 Выполнено 2 Выполнено 3 Systemctl status apache2 ● apache2service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2service; enabled; vendor preset: enabled) Active: active (running) since Mon 2022-03-07 08:17:33 UTC;

1Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей 2Установите Google authenticator на мобильный телефон Настройте вход в Bitwarden акаунт через Google authenticator OTP 3Установите apache2, сген

devops-netology Домашнее задание к занятию "39 Элементы безопасности информационных систем" 1 Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей 2 Установите Google authenticator н

Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей ![image](user-imagesgithubusercontentcom/87232557/134864125-e91e71c3-0d31-4030-8983-ff94d978f6eepng) 2Установите Google authenticator на мобильны

Start 2021-10-13 07:42:02 1042249171:443 (netologyru) Further IP addresses: 1042248171 172674383 2606:4700:10::ac43:2b53 2606:4700:10::6816:30ab 2606:4700:10::6816:31ab rDNS (1042249171): -- Service detected: HTTP Testing vulnerabilities Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension CCS (CVE-2014-

Выполнено Выполнено Устанавливаем apache2, включаем поддержку ssl: sudo apt install apache2 sudo a2enmod ssl sudo systemctl restart apache2 Генерируем самоподписанный сертификат: sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout /etc

devops-netology Домашнее задание к занятию «21 Системы контроля версий» В будущем благодаря добавленному файлу gitignore в директории Terraform при использовании команды commit внутри директории terraform, будут игнориров

Домашнее задание к занятию "39 Элементы безопасности информационных систем" (1) Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Решение (2) Установите Google authenticator н

1) 2) 3) 4)Клонируем репозиторий testssl: git clone --depth 1 githubcom/drwetter/testsslshgit Задаем права запуска на файл testsslsh: vagrant@vagrant:~/testsslsh$ chmod +x /testsslsh Проверяем произвольный сайт на у

Task 1 Установите Bitwarden плагин для браузера Зарегистрируйтесь и сохраните несколько паролей Для эксперимента выбираю браузер Firefox Устанавливаю расширение "Bitwarden - free password manager" Далее регистрирую аккаунт

11 Введение в DevOps Задание №1 - Подготовка рабочей среды jsonnet md sh tr yaml Задание №2 - Описание жизненного цикла задачи (разработки нового функционала) Менеджер ставит перед разработчиками задачу на разработку

Домашнее задание к занятию "39 Элементы безопасности информационных систем" 1 Установите Bitwarden плагин для браузера Зарегистрируйтесь и сохраните несколько паролей Решение: Но для себя я уже давно исп

devops-netology Hello, World!!! В файле gitignore: - игнорируются все скрытые файлы "terraform" с любой вложенностью - игнорируются все файлы заканчиващиеся на tfstate или содержат в названии tfstate - игнорируется файл crashlog - игн

Домашнее задание к занятию "39 Элементы безопасности информационных систем" 1 Установите Bitwarden плагин для браузера Зарегистрируйтесь и сохраните несколько паролей 2 Установите Google authenticator на мобиль

Домашнее задание к занятию "39 Элементы безопасности информационных систем" Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Ответ Установите Google authenticator на мо

devops-netology «24 Инструменты Git» git show aefea commit aefead2207ef7e2aa5dc81a34aedf0cad4c32545 git show 85024d3 tag: v01223 3 git checkout b8d720 git log --pretty=format:'%h %s' –graph 56cd7859e0, 9ea88f22fc git log --oneline v01223v01

11 Введение в DevOps — Аронов Леонид Задание №2 - Описание жизненного цикла задачи (разработки нового функционала) Формулировка описания нового функционала Продукт-менеджер совместно с клиентом или отдело

32 Работа в терминале, лекция 2 1 Какого типа команда cd? Попробуйте объяснить, почему она именно такого типа; опишите ход своих мыслей, если считаете что она могла бы быть другого типа cd - встроенная команда об

Домашнее задание к занятию "39 Элементы безопасности информационных систем" 1 Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей 2 Установите Google authenticator на мобил

1 2 3 vagrant Vagrantconfigure("2") do |config| configvmdefine "master" do |subconfig| subconfigvmbox = "bento/ubuntu-2004" subconfigvmhostname = "master" subconfigvmnetwork :private_network, ip: "10001" end configvmdefine "web" do |subconfig| subconfigvmbox = "bento/ubun

39 Элементы безопасности информационных систем Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Зарегестрировался и установил ibbco/939DrZ8 У

devops-netology Kirill Nelyubov Ответы на задание к занятию "39 Элементы безопасности информационных систем": Выполнено Принт-скрин "Google authenticator"а сделать не получается, доступ запрещён root@vagrant:~/testsslsh# /tests

devops-netology Домашнее задание к занятию "39 Элементы безопасности информационных систем" 1 Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей 2Установите Google authenticator н

Домашнее задание к занятию «39 Элементы безопасности информационных систем» 1,2 Bitwarden установлен в браузер Chromium, успешно настроена двухфакторная ауткнтификация vag Устанавливаем apache2 и генерируем се

39 Элементы безопасности информационных систем Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей Успешно зарегистрировался и добавил 3 реквизита аутентификации

Домашнее задание 39 Скриншот установленного плагина Bitwarden с сохраненным паролем находится в файле bitwardenpng Скриншот настроек OTP находится в файле bitwarden-otpjpg Использовалось приложение Яндексключ Создание

Плагин поставил, зарегистрировался, создал пару записей: (githubcom/Danil054/devops-netology/blob/main/pics/bitwarden1png) На телефон установил authenticator, в профиле настроил двухфакторную аутентификацию и активировал в приложении

devops-netology Домашнее задание к занятию «11 Введение в DevOps» Благодаря добавленному файлу gitignore будут проигнорированы следующие файлы в каталоге terraform: все файлы в директориях и поддиректориях terraform; файлы

DevOpsStudents -Netology -HelloNetology Домашнее задание к занятию "39 Элементы безопасности информационных систем" 1)Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей 2)Установи

DevOps-netology - учебный курс для DevOps инженеров Это публичный репозиторий, созданный для обучения и отработки навыков Если вы DevOps специалист, то полезной информации для вас тут нет Здесь будут опубликованы некото

1 Установите Bitwarden плагин для браузера Зарегестрируйтесь и сохраните несколько паролей 2 Установите Google authenticator на мобильный телефон Настройте вход в Bitwarden акаунт через Google authenticator OTP 3 Установите apache2, сге

Ответы на задание к занятию "39 Элементы безопасности информационных систем" Настроил проброс портов для ВМ nano Vagrantfile configvmnetwork "forwarded_port", guest: 80, host: 8080, host_ip: "127001" configvmnetwork "forwarded_por

internetdb Fast IP Lookups for Open Ports and Vulnerabilities Description Shodan shodanio/ scans the internet for hosts and services and maintains a few APIs into that data One API is the InternetDB internetdbshodanio/, which allows for free querying of open ports and vulnerabilities Tools are provided to query this servce What’s Inside The Tin The f

Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out current Contents CVE-2011-2856 CVE-2011-3243 CVE-2013-2618 CVE-2013-6632 CVE-2014-1701 CVE-2014-1705 CVE-2014-1747 CVE-2014-3176 CVE-2014-6332 CVE-2014-7927 CVE-2014-7928 CVE-2015-0072 CVE-2015-0235 CVE-2015-0240 CVE-2015-1233 CVE-2015-1242 CVE-2015-1268 CV

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :

References

CWE-310http://www.openssl.org/news/secadv_20130204.txthttps://polarssl.org/tech-updates/releases/polarssl-1.2.5-releasedhttp://openwall.com/lists/oss-security/2013/02/05/24http://www.isg.rhul.ac.uk/tls/TLStiming.pdfhttp://www.matrixssl.org/news.htmlhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.htmlhttp://www.ubuntu.com/usn/USN-1735-1http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.htmlhttp://www.debian.org/security/2013/dsa-2621http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0587.htmlhttp://www.debian.org/security/2013/dsa-2622http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.htmlhttp://www.us-cert.gov/cas/techalerts/TA13-051A.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0783.htmlhttp://marc.info/?l=bugtraq&m=136396549913849&w=2http://marc.info/?l=bugtraq&m=136439120408139&w=2http://marc.info/?l=bugtraq&m=136733161405818&w=2http://rhn.redhat.com/errata/RHSA-2013-0782.htmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21644047http://www.kb.cert.org/vuls/id/737740http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlhttp://support.apple.com/kb/HT5880http://secunia.com/advisories/55139http://secunia.com/advisories/55108http://secunia.com/advisories/55351http://secunia.com/advisories/55350http://www.securitytracker.com/id/1029190http://secunia.com/advisories/55322http://rhn.redhat.com/errata/RHSA-2013-1455.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0833.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1456.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.htmlhttp://marc.info/?l=bugtraq&m=137545771702053&w=2http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.htmlhttp://www.splunk.com/view/SP-CAAAHXGhttp://secunia.com/advisories/53623http://www.mandriva.com/security/advisories?name=MDVSA-2013:095https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.htmlhttp://security.gentoo.org/glsa/glsa-201406-32.xmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.htmlhttp://marc.info/?l=bugtraq&m=136432043316835&w=2http://www.securityfocus.com/bid/57778http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841https://puppet.com/security/cve/cve-2013-0169https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c03883001https://lists.debian.org/debian-lts-announce/2018/09/msg00029.htmlhttps://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdfhttps://access.redhat.com/errata/RHSA-2013:0274https://github.com/PeterMosmans/security-scriptshttps://nvd.nist.govhttps://tools.cisco.com/security/center/viewAlert.x?alertId=58488https://www.cisa.gov/uscert/ics/advisories/icsa-22-097-01https://www.kb.cert.org/vuls/id/737740