DSA-2023-460: Security Update for Dell Streaming Data Platform for Multiple Third-Party Component Vulnerabilities.
Summary: Dell Streaming Data Platform remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Αυτό το άρθρο ισχύει για
Αυτό το άρθρο δεν ισχύει για
Αυτό το άρθρο δεν συνδέεται με κάποιο συγκεκριμένο προϊόν.
Δεν προσδιορίζονται όλες οι εκδόσεις προϊόντων σε αυτό το άρθρο.
Impact
Critical
Details
| Third-party Component | CVEs | More Information | ||
|---|---|---|---|---|
| bind9 | CVE-2022-3924, CVE-2022-38178, CVE-2022-38177, CVE-2022-3736, CVE-2022-2881, CVE-2022-3080, CVE-2022-3094, CVE-2023-2828, CVE-2023-2911, CVE-2022-2795 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/  |
||
| fasterXML jackson-databind | CVE-2017-17485, CVE-2017-7525, CVE-2018-7489, CVE-2020-10650, CVE-2020-35490, CVE-2020-35491, CVE-2020-10673, CVE-2020-25649 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| xstream | CVE-2022-41966, CVE-2022-40152, CVE-2022-40151 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| commons IO | CVE-2021-29425 | https://nvd.nist.gov/vuln/detail/CVE-2021-29425 |
||
| cryptography | CVE-2023-38325 | https://nvd.nist.gov/vuln/detail/CVE-2023-38325 |
||
| D-bus | CVE-2023-34969 | https://nvd.nist.gov/vuln/detail/CVE-2023-34969 |
||
| decode-uri-component | CVE-2022-38900, CVE-2022-38778, | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| derby | CVE-2018-1313 | https://nvd.nist.gov/vuln/detail/CVE-2018-1313 |
||
| git-core | CVE-2023-29007, CVE-2023-25815, CVE-2023-25652 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| cloudflare | CVE-2023-1732 | https://nvd.nist.gov/vuln/detail/CVE-2023-1732 |
||
| saml | CVE-2023-28119, CVE-2022-41912 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| prometheus Exporter Toolkit | CVE-2022-46146 | https://nvd.nist.gov/vuln/detail/CVE-2022-46146 |
||
| goxmldsig | CVE-2020-7711 | https://nvd.nist.gov/vuln/detail/CVE-2020-7711 |
||
| rekor | CVE-2023-30551, CVE-2023-33199 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| glob-parent | CVE-2021-35065 | https://nvd.nist.gov/vuln/detail/CVE-2021-35065 |
||
| go | CVE-2022-32190 | https://nvd.nist.gov/vuln/detail/CVE-2022-32190 |
||
| crypto | CVE-2020-9283 | https://nvd.nist.gov/vuln/detail/CVE-2020-9283 |
||
| http-cache-semantics | CVE-2022-25881 | https://nvd.nist.gov/vuln/detail/CVE-2022-25881 |
||
| fabric8_kubernetes-client | CVE-2021-20218 | https://nvd.nist.gov/vuln/detail/CVE-2021-20218 |
||
| Netty | CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2022-41881, CVE-2021-37136, CVE-2021-37137, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-43797, CVE-2022-24823, CVE-2023-34462, CVE-2021-37136, CVE-2021-37137, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-43797 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| Netty | CVE-2022-41881 | https://nvd.nist.gov/vuln/detail/CVE-2022-41881 |
||
| Nettty-codec-http3 | CVE-2021-21409 | https://nvd.nist.gov/vuln/detail/CVE-2021-21409 |
||
| Quarkus | CVE-2022-4147, CVE-2023-0044, CVE-2022-4116 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| java | CVE-2023-21830, CVE-2023-21835 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| java-11-openjdk | CVE-2023-21930, CVE-2023-25193, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-22041, | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| java-11-openjdk-headless | CVE-2023-21930, CVE-2023-25193, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-22041 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| json5 | CVE-2022-46175 | https://nvd.nist.gov/vuln/detail/CVE-2022-46175 |
||
| Kubernetes | CVE-2020-8565, CVE-2019-11255 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| kotlin-stdlib | CVE-2020-29582, CVE-2022-24329 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| Apparmor | CVE-2016-1585 | https://nvd.nist.gov/vuln/detail/CVE-2016-1585 |
||
| avahi | CVE-2023-1981, CVE-2023-38469, CVE-2023-38471, CVE-2023-38470, CVE-2023-38472, CVE-2023-38473 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| FFmpeg | CVE-2022-48434, CVE-2022-3964, CVE-2022-3109, CVE-2022-3341 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| glibc | CVE-2020-1751 | https://nvd.nist.gov/vuln/detail/CVE-2020-1751 |
||
| libcap-progs | CVE-2023-2603 | https://nvd.nist.gov/vuln/detail/CVE-2023-2603 |
||
| libcares2 | CVE-2023-32067, CVE-2023-31147, CVE-2023-31130 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| libc-bin | CVE-2021-3999 | https://nvd.nist.gov/vuln/detail/CVE-2021-3999 | ||
| libcups3 | CVE-2023-34241 | https://nvd.nist.gov/vuln/detail/CVE-2023-34241 | ||
| curl | CVE-2023-23914, CVE-2022-43551, CVE-2022-42916, CVE-2022-32221, CVE-2023-23916, CVE-2023-23915, CVE-2022-43552, CVE-2023-28319, CVE-2023-28321, CVE-2023-28320 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| libcurl | CVE-2023-23914, CVE-2022-43551, CVE-2022-42916, CVE-2023-23915 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| libdbus-1-3 | CVE-2023-34969 | https://nvd.nist.gov/vuln/detail/CVE-2023-34969 |
||
| libexpat2 | CVE-2022-40674 | https://nvd.nist.gov/vuln/detail/CVE-2022-40674 |
||
| libglib2.0-1 | CVE-2023-32643, CVE-2023-32636, CVE-2023-32611, CVE-2023-29499 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| libgnutls31 | CVE-2022-2509 | https://nvd.nist.gov/vuln/detail/CVE-2022-2509 |
||
| GNU Compiler Collection (GCC) | CVE-2018-12886 | https://nvd.nist.gov/vuln/detail/CVE-2018-12886 |
||
| libjpeg-turbo | CVE-2023-2804 | https://nvd.nist.gov/vuln/detail/CVE-2023-2804 |
||
| krb5 | CVE-2022-42898 | https://nvd.nist.gov/vuln/detail/CVE-2022-42898 |
||
| libllvm16 | CVE-2023-29932, CVE-2023-29934, CVE-2023-29933 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| libncurses | CVE-2022-29458 | https://nvd.nist.gov/vuln/detail/CVE-2022-29458 |
||
| libncursesw6 | CVE-2023-29491 | https://nvd.nist.gov/vuln/detail/CVE-2023-29491 |
||
| libopenssl1_1 | CVE-2023-0465 | https://nvd.nist.gov/vuln/detail/CVE-2023-0465 |
||
| libpcre2-8-1 | CVE-2022-1587 | https://nvd.nist.gov/vuln/detail/CVE-2022-1587 |
||
| libprocps8,procps | CVE-2023-4016 | https://nvd.nist.gov/vuln/detail/CVE-2023-4016 |
||
| librsvg | CVE-2023-38633 | https://nvd.nist.gov/vuln/detail/CVE-2023-38633 |
||
| openssl | CVE-2023-0464, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2023-0466, CVE-2023-0465, CVE-2022-4304, CVE-2022-2097, CVE-2023-3446, CVE-2023-2650, CVE-2023-0464, CVE-2023-0466, CVE-2023-0465, CVE-2023-2975, CVE-2023-3446, CVE-2023-0464, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-0466, CVE-2023-0465, CVE-2023-2650, CVE-2023-0464, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2023-0466, CVE-2023-0465, CVE-2022-4304, CVE-2022-2097, CVE-2023-0465 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| systemd | CVE-2022-3821 | https://nvd.nist.gov/vuln/detail/CVE-2022-3821 |
||
| libtirpc | CVE-2021-46828 | https://nvd.nist.gov/vuln/detail/CVE-2021-46828 |
||
| libwebp7 | CVE-2023-1999 | https://nvd.nist.gov/vuln/detail/CVE-2023-1999 |
||
| libX11-6 | CVE-2023-3138 | https://nvd.nist.gov/vuln/detail/CVE-2023-3138 |
||
| libxml3 | CVE-2022-40303, CVE-2023-29469, CVE-2023-28484 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| libxml2-2 | CVE-2023-29469, CVE-2023-28484 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| log4j | CVE-2023-26464, CVE-2019-17571, CVE-2020-9493, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2021-4104 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| ncurses | CVE-2022-29458 | https://nvd.nist.gov/vuln/detail/CVE-2022-29458 |
||
| ncurses-utils | CVE-2023-29491 | https://nvd.nist.gov/vuln/detail/CVE-2023-29491 |
||
| node-jose | CVE-2023-25653 | https://nvd.nist.gov/vuln/detail/CVE-2023-25653 |
||
| nodejs18 | CVE-2023-32067, CVE-2022-25881, CVE-2023-30581, CVE-2023-31147, CVE-2023-31130, CVE-2023-30589, CVE-2023-30590, CVE-2023-30588, CVE-2023-30585 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| npm18 | CVE-2023-32067, CVE-2022-25881, CVE-2023-30581, CVE-2023-31147, CVE-2023-31130, CVE-2023-30589, CVE-2023-30590, CVE-2023-30588, CVE-2023-30585 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| apache bookkeeper | CVE-2022-32531 | https://nvd.nist.gov/vuln/detail/CVE-2022-32531 |
||
| apache aalcite | CVE-2022-39135, CVE-2020-13955 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| apache hadoop | CVE-2016-6811, CVE-2017-7669, CVE-2020-9492, CVE-2021-37404, CVE-2022-26612 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| apache hadoop-hdfs | CVE-2016-6811, CVE-2017-15718, CVE-2017-3166, CVE-2018-1296, CVE-2018-8029, CVE-2020-9492, CVE-2021-33036, CVE-2022-25168, CVE-2017-15713 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| apache hadoop | CVE-2021-33036 | https://nvd.nist.gov/vuln/detail/CVE-2021-33036 | ||
| apache commons HttpClient | CVE-2012-6153, CVE-2011-1498, CVE-2014-3577, CVE-2015-5262 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| apache james mime4j | CVE-2022-45787 | https://nvd.nist.gov/vuln/detail/CVE-2022-45787 |
||
| apache spark | CVE-2018-17190 | https://nvd.nist.gov/vuln/detail/CVE-2018-17190 |
||
| apache sshd | CVE-2022-45047 | https://nvd.nist.gov/vuln/detail/CVE-2022-45047 |
||
| apache zookeeper | CVE-2016-5017, CVE-2017-5637, CVE-2018-8012, CVE-2019-0201 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| jetty | CVE-2021-28169, CVE-2021-34429 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| jsoup | CVE-2022-36033 | https://nvd.nist.gov/vuln/detail/CVE-2022-36033 |
||
| keycloak-core | CVE-2022-1245, CVE-2021-3754, CVE-2021-20323, CVE-2021-3827, CVE-2022-0225, CVE-2022-1466 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| keycloak-server | CVE-2023-2585 | https://access.redhat.com/security/cve/cve-2023-2585 |
||
| keycloak | CVE-2023-0264, CVE-2023-2422, CVE-2022-4361, CVE-2022-1274, CVE-2022-1438, CVE-2023-2585 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
|
||
| postgresql | CVE-2022-41946 | https://nvd.nist.gov/vuln/detail/CVE-2022-41946 |
||
| wildfly-elytron | CVE-2022-3143 | https://nvd.nist.gov/vuln/detail/CVE-2022-3143 |
||
| snakeYaml | CVE-2017-18640 | https://nvd.nist.gov/vuln/detail/CVE-2017-18640 |
||
| pyspark | CVE-2023-32007, CVE-2021-38296, CVE-2022-33891, CVE-2020-27218 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| python | CVE-2022-42919, CVE-2018-25032, CVE-2020-10735, CVE-2015-20107, CVE-2023-27043, CVE-2023-24329, CVE-2023-32681 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| qs | CVE-2022-24999 | https://nvd.nist.gov/vuln/detail/CVE-2022-24999 |
||
| busybox | CVE-2022-30065 | https://nvd.nist.gov/vuln/detail/CVE-2022-30065 |
||
| xerces_xercesImpl | CVE-2012-0881, CVE-2013-4002, CVE-2009-2625 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
||
| zlib | CVE-2022-37434 | https://nvd.nist.gov/vuln/detail/CVE-2022-37434 |
Επηρεαζόμενα προϊόντα και αποκατάσταση
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell Streaming Data Platform | Versions 1.1.x through 1.8.x | 1.9.0 | https://www.dell.com/support/home/product-support/product/streaming-data-platform/drivers |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell Streaming Data Platform | Versions 1.1.x through 1.8.x | 1.9.0 | https://www.dell.com/support/home/product-support/product/streaming-data-platform/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-12-19 | Initial Release |
Related Information
Νομική αποποίηση ευθύνης
Επηρεαζόμενα προϊόντα
Streaming Data Platform Family, Streaming Data PlatformΙδιότητες άρθρου
Article Number: 000220577
Article Type: Dell Security Advisory
Τελευταία τροποποίηση: 19 Σεπ 2025
Βρείτε απαντήσεις στις ερωτήσεις σας από άλλους χρήστες της Dell
Υπηρεσίες υποστήριξης
Ελέγξτε αν η συσκευή σας καλύπτεται από τις Υπηρεσίες υποστήριξης.