DSA-2023-086: Dell Streaming Data Platform Security Update for Multiple Third-Party Component Vulnerabilities
Summary: Dell Streaming Data Platform remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Αυτό το άρθρο ισχύει για
Αυτό το άρθρο δεν ισχύει για
Αυτό το άρθρο δεν συνδέεται με κάποιο συγκεκριμένο προϊόν.
Δεν προσδιορίζονται όλες οι εκδόσεις προϊόντων σε αυτό το άρθρο.
Impact
Critical
Details
| Third-party Component | CVEs | More Information |
|---|---|---|
| Apache Portable Runtime | CVE-2017-12613, CVE-2021-35940 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/  |
| Apache Zookeeper | CVE-2020-10663 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Berkeley DB | CVE-2016-0682, CVE-2016-0689, CVE-2016-0694, CVE-2016-3418, CVE-2017-10140, CVE-2017-3604, CVE-2017-3605, CVE-2017-3606, CVE-2017-3607, CVE-2017-3608, CVE-2017-3609, CVE-2017-3610, CVE-2017-3612, CVE-2017-3613, CVE-2017-3614, CVE-2017-3615, CVE-2017-3616, CVE-2017-3617, CVE-2020-2981 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Bouncy Castle Provider - FIPS | CVE-2022-45146 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| busybox | CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| curl | CVE-2022-22576, CVE-2022-27775, CVE-2022-27782, CVE-2022-42915 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| D-Bus | CVE-2019-12749 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| GNU C Library | CVE-2020-1752, CVE-2020-6096, CVE-2021-3326, CVE-2021-35942, CVE-2021-38604, CVE-2021-3999, CVE-2022-23219 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| GNU Compiler Collection | CVE-2021-3826 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| GnuTLS | CVE-2022-2509, CVE-2022-2509 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Google V8 JavaScript Engine | CVE-2022-4262 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| go-restful | CVE-2022-1996 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| gzip | CVE-2022-1271 | See NVD link below for individual scores for each CVE.https://nvd.nist.gov/ |
| helm/helm | CVE-2022-36049 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Jackson dataformats: Binary | CVE-2020-28491 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| jackson-databind | CVE-2020-10650, CVE-2020-36179, CVE-2020-36180, CVE-2020-36182, CVE-2020-36183, CVE-2020-36184, CVE-2020-36185, CVE-2020-36186, CVE-2020-36187, CVE-2020-36188, CVE-2020-36518, CVE-2021-20190, CVE-2022-42003, CVE-2022-42004 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| JDOM | CVE-2021-33813 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Jettison - Json Stax implementation | CVE-2022-40149, CVE-2022-40150 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Jetty: Java based HTTP/1.x, HTTP/2, Servlet, WebSocket Server | CVE-2020-27216, CVE-2021-28165 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| jQuery UI | CVE-2016-7103 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| json-c | CVE-2020-12762 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| json-smart | CVE-2021-31684 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| jupyter-server/jupyter_server | CVE-2022-29241 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| keycloak | CVE-2021-3632, CVE-2021-4133, CVE-2022-1245, CVE-2022-3782 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| krb5/krb5 | CVE-2020-28196, CVE-2021-36222, CVE-2022-42898 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| libde265 | CVE-2020-21595, CVE-2020-21596, CVE-2020-21597, CVE-2020-21598, CVE-2020-21600, CVE-2020-21601, CVE-2020-21602, CVE-2020-21603, CVE-2020-21604 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| libexpat | CVE-2022-25235, CVE-2022-25236, CVE-2022-25314, CVE-2022-25315, CVE-2022-40674, CVE-2022-43680, CVE-2022-43680 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| libgcrypt | CVE-2021-33560 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| libjpeg | CVE-2020-14152 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Libtasn1 | CVE-2021-46848 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| libTIFF | CVE-2022-0891, CVE-2022-3970, CVE-2022-48281 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| libxml2 | CVE-2022-40303, CVE-2022-40304 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Linux-Pam | CVE-2022-28321 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| lua | CVE-2022-28805 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Netty Project | CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2019-9512, CVE-2020-11612, CVE-2020-7238, CVE-2021-37136, CVE-2021-37137, CVE-2022-41881 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| nghttp2 | CVE-2020-11080 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Node.js | CVE-2018-7160, CVE-2021-22931, CVE-2021-22940, CVE-2021-44531, CVE-2022-0778, CVE-2022-21824, CVE-2022-32212, CVE-2022-35256, CVE-2022-3602, CVE-2022-3786, CVE-2022-43548 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| OpenJDK | CVE-2022-34169 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| OpenSSL | CVE-2022-0778, CVE-2022-1292, CVE-2022-1292 (BDSA-2022-1242) , CVE-2022-2068, CVE-2022-2068, CVE-2022-2068 (BDSA-2022-1716) , CVE-2022-3996 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| p11-kit | CVE-2020-29361, CVE-2020-29363 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| PCRE | CVE-2017-6004, CVE-2017-7186, CVE-2019-20838 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| PCRE2 | CVE-2022-1586, CVE-2022-1587 | See NVD link below for individual scores for each CVE.https://nvd.nist.gov/ |
| Perl | CVE-2017-12814, CVE-2017-12837, CVE-2017-12883, CVE-2018-12015, CVE-2018-18311, CVE-2018-18312, CVE-2018-18313, CVE-2018-18314, CVE-2018-6797, CVE-2018-6798, CVE-2018-6913, CVE-2020-10543, CVE-2020-10878, CVE-2020-12723, CVE-2021-36770 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| PostgreSQL Database Server | CVE-2021-23214, CVE-2022-1552, CVE-2022-2625 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Protobuf | CVE-2022-1941, CVE-2022-3171 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Python programming language | CVE-2007-4559, CVE-2020-10735, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| qs - QS Querystring | CVE-2022-24999 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| requests | CVE-2018-18074 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| runc | CVE-2022-29162 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| SnakeYAML | CVE-2022-25857 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| SQLite | CVE-2022-35737 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
Επηρεαζόμενα προϊόντα και αποκατάσταση
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell Streaming Data Platform | Versions 1.1.x, 1.2.x, 1.3.x, 1.4.x, and 1.5.x | Version 1.6 |
Dell recommends all customers to upgrade to SDP 1.6 available at Dell Support site |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell Streaming Data Platform | Versions 1.1.x, 1.2.x, 1.3.x, 1.4.x, and 1.5.x | Version 1.6 |
Dell recommends all customers to upgrade to SDP 1.6 available at Dell Support site |
Revision History
| Revision | Date | Description |
| 1.0 | 2023-03-27 | Initial Release |
| 2.0 | 2023-09-01 | Updated for enhanced presentation with no changes to content. |
Related Information
Νομική αποποίηση ευθύνης
Επηρεαζόμενα προϊόντα
Streaming Data Platform Family, Streaming Data PlatformΙδιότητες άρθρου
Article Number: 000211636
Article Type: Dell Security Advisory
Τελευταία τροποποίηση: 19 Σεπ 2025
Βρείτε απαντήσεις στις ερωτήσεις σας από άλλους χρήστες της Dell
Υπηρεσίες υποστήριξης
Ελέγξτε αν η συσκευή σας καλύπτεται από τις Υπηρεσίες υποστήριξης.