Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000223321

DSA-2024-137: Security Update for Dell Data Lakehouse System Software for Multiple Third-Party Component Vulnerabilities.

Summary: Dell Data Lakehouse System Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Critical

Details

Third-party Component CVEs More Information
aiohttp CVE-2023-37276 https://nvd.nist.gov/vuln/detail/CVE-2023-37276 This hyperlink is taking you to a website outside of Dell Technologies.
bind CVE-2022-3094, CVE-2022-38178, CVE-2021-25220, CVE-2022-2795, CVE-2022-38177, CVE-2023-2828 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
certifi CVE-2023-37920, CVE-2022-23491 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
circl CVE-2023-1732 https://nvd.nist.gov/vuln/detail/CVE-2023-1732 This hyperlink is taking you to a website outside of Dell Technologies.
google guava CVE-2023-2976 https://nvd.nist.gov/vuln/detail/CVE-2023-2976 This hyperlink is taking you to a website outside of Dell Technologies.
container-suseconnect CVE-2022-41724, CVE-2022-41723, CVE-2022-41720, CVE-2023-24532, CVE-2022-41725 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
cryptography CVE-2023-38325, CVE-2023-23931, CVE-2023-0286 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
dbus CVE-2023-34969, CVE-2022-42011, CVE-2022-42012, CVE-2022-42010 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
emacs-filesystem CVE-2023-2491, CVE-2022-48337, CVE-2022-48339, CVE-2022-45939, CVE-2023-28617, CVE-2022-48338 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
expat CVE-2022-40674, CVE-2022-43680 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
future CVE-2022-40899 https://nvd.nist.gov/vuln/detail/CVE-2022-40899 This hyperlink is taking you to a website outside of Dell Technologies.
git-core CVE-2023-25652, CVE-2023-29007, CVE-2023-25815 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
containerd CVE-2023-25173, CVE-2023-25153, CVE-2022-23471 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
jwt-go CVE-2020-26160 https://nvd.nist.gov/vuln/detail/CVE-2020-26160 This hyperlink is taking you to a website outside of Dell Technologies.
docker CVE-2023-2253, CVE-2023-28842, CVE-2023-28841, CVE-2023-28840 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
emicklei/go-restful CVE-2022-1996 https://nvd.nist.gov/vuln/detail/CVE-2022-1996 This hyperlink is taking you to a website outside of Dell Technologies.
gin-gonic/gin CVE-2023-29401 https://nvd.nist.gov/vuln/detail/CVE-2023-29401 This hyperlink is taking you to a website outside of Dell Technologies.
Gogo protobuf CVE-2021-3121 https://nvd.nist.gov/vuln/detail/CVE-2021-3121 This hyperlink is taking you to a website outside of Dell Technologies.
client_golang CVE-2022-21698 https://nvd.nist.gov/vuln/detail/CVE-2022-21698 This hyperlink is taking you to a website outside of Dell Technologies.
exporter-toolkit CVE-2022-46146 https://nvd.nist.gov/vuln/detail/CVE-2022-46146 This hyperlink is taking you to a website outside of Dell Technologies.
rancher wrangler CVE-2022-43756, CVE-2022-31249 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
rekor CVE-2023-33199, CVE-2023-30551 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
ulikunitz/xz CVE-2021-29482 https://nvd.nist.gov/vuln/detail/CVE-2021-29482 This hyperlink is taking you to a website outside of Dell Technologies.
gnupg2 CVE-2022-34903 https://nvd.nist.gov/vuln/detail/CVE-2022-34903 This hyperlink is taking you to a website outside of Dell Technologies.
gnutls CVE-2023-0361, CVE-2022-2509 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
go, golang.org CVE-2023-29406, CVE-2023-24540, CVE-2023-24538, CVE-2023-24537, CVE-2023-24536, CVE-2023-24534, CVE-2023-24532, CVE-2023-45284, CVE-2023-39326, CVE-2023-45285, CVE-2023-45283, CVE-2023-29409, CVE-2022-41723, CVE-2023-29400, CVE-2023-29404, CVE-2022-41724, CVE-2023-29402, CVE-2022-41725, CVE-2023-29403, CVE-2023-24539, CVE-2023-29405, CVE-2022-41717, CVE-2022-30631, CVE-2022-41715, CVE-2022-1962, CVE-2022-1705, CVE-2022-30630, CVE-2022-32190, CVE-2022-27664, CVE-2020-28362, CVE-2021-44716, CVE-2022-30633, CVE-2020-28366, CVE-2021-33195, CVE-2022-24921, CVE-2022-28131, CVE-2022-28327, CVE-2022-30632, CVE-2020-28367, CVE-2021-31525, CVE-2022-30580, CVE-2021-3114, CVE-2021-41771, CVE-2022-23773, CVE-2021-39293, CVE-2020-24553, CVE-2021-29923, CVE-2020-29509, CVE-2022-23806, CVE-2021-27918, CVE-2022-41716, CVE-2022-23772, CVE-2022-2879, CVE-2022-2880, CVE-2021-34558, CVE-2020-29511, CVE-2021-41772, CVE-2022-30635, CVE-2022-32148, CVE-2021-33198, CVE-2021-36221, CVE-2021-38297, CVE-2022-24675, CVE-2021-33196, CVE-2020-29510, CVE-2021-33194, CVE-2021-33197, CVE-2022-32189, CVE-2020-16845, CVE-2020-15586, CVE-2020-14039, CVE-2023-48795, CVE-2022-27191, CVE-2021-43565, CVE-2020-7919, CVE-2020-9283, CVE-2022-29526, See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
google.golang.org/grpc CVE-2023-44487 https://nvd.nist.gov/vuln/detail/CVE-2023-44487 This hyperlink is taking you to a website outside of Dell Technologies.
helm/v3 CVE-2023-25165, CVE-2022-23524, CVE-2022-23525, CVE-2022-23526 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
netty CVE-2023-34462 https://nvd.nist.gov/vuln/detail/CVE-2023-34462 This hyperlink is taking you to a website outside of Dell Technologies.
quarkus-core CVE-2023-2974 https://nvd.nist.gov/vuln/detail/CVE-2023-2974 This hyperlink is taking you to a website outside of Dell Technologies.
vertx-web CVE-2023-24815 https://nvd.nist.gov/vuln/detail/CVE-2023-24815 This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-25193, CVE-2023-22041, CVE-2023-25193, CVE-2023-22041 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
kubernetes CVE-2020-8565, CVE-2019-11250, CVE-2023-2431, CVE-2023-2727, CVE-2023-2728, CVE-2019-11255 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
kobject.c CVE-2023-45863 https://nvd.nist.gov/vuln/detail/CVE-2023-45863 This hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2023-36054, CVE-2022-42898 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libcap CVE-2023-2603 https://nvd.nist.gov/vuln/detail/CVE-2023-2603 This hyperlink is taking you to a website outside of Dell Technologies.
libcom_err CVE-2022-1304 https://nvd.nist.gov/vuln/detail/CVE-2022-1304 This hyperlink is taking you to a website outside of Dell Technologies.
libcurl CVE-2023-28322, CVE-2023-28319, CVE-2023-28321, CVE-2023-27538, CVE-2023-27536, CVE-2023-32001, CVE-2023-23916, CVE-2022-32208, CVE-2022-32206, CVE-2023-27535, CVE-2023-23915, CVE-2023-23914, CVE-2022-43552, CVE-2022-43551, CVE-2022-42916, CVE-2022-32221, CVE-2023-28322, CVE-2023-27534, CVE-2023-27533 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libdbus-1-3 CVE-2023-34969 https://nvd.nist.gov/vuln/detail/CVE-2023-34969 This hyperlink is taking you to a website outside of Dell Technologies.
libexpat1 CVE-2022-43680, CVE-2022-40674 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libglib-2_0-0 CVE-2023-25180, CVE-2023-24593 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libgpg-error0 CVE-2020-10696, CVE-2021-20206, CVE-2022-2990 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libksba CVE-2022-3515, CVE-2022-47629 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libldap-2_4-2 CVE-2023-2953 https://nvd.nist.gov/vuln/detail/CVE-2023-2953 This hyperlink is taking you to a website outside of Dell Technologies.
ImageMagick CVE-2023-39978 https://nvd.nist.gov/vuln/detail/CVE-2023-39978 This hyperlink is taking you to a website outside of Dell Technologies.
libncurses6 CVE-2023-29491, CVE-2022-29458 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libopenssl1_1 CVE-2022-4304, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-2068, CVE-2022-1292, CVE-2022-2097, CVE-2023-2650, CVE-2023-0465, CVE-2023-0464, CVE-2023-3446, CVE-2023-3817, CVE-2023-0466, CVE-2023-2975 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libpcre2-8-0 CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 This hyperlink is taking you to a website outside of Dell Technologies.
libprotobuf-lite20 CVE-2021-22569, CVE-2022-1941, CVE-2022-3171 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libpython3 CVE-2023-24329, CVE-2022-45061, CVE-2022-42919, CVE-2022-37454, CVE-2020-10735, CVE-2015-20107, CVE-2022-0391, CVE-2023-27043, CVE-2022-40897, CVE-2021-3733, CVE-2022-2795, CVE-2022-38178, CVE-2022-3094, CVE-2022-38177, CVE-2021-25220, CVE-2023-2828, See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
librsvg2 CVE-2023-38633 https://nvd.nist.gov/vuln/detail/CVE-2023-38633 This hyperlink is taking you to a website outside of Dell Technologies.
libsqlite3-0 CVE-2022-46908, CVE-2020-24736, CVE-2020-35527, CVE-2022-35737 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libssh CVE-2023-2283, CVE-2023-1667, CVE-2023-38408 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libsystemd0 CVE-2022-4415, CVE-2022-3821 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libtasn1 CVE-2021-46848 https://nvd.nist.gov/vuln/detail/CVE-2021-46848 This hyperlink is taking you to a website outside of Dell Technologies.
libtiff-dev CVE-2023-0804, CVE-2023-0803, CVE-2023-0802, CVE-2023-0801, CVE-2023-0800, CVE-2023-0799, CVE-2023-0798, CVE-2023-0797, CVE-2023-0796, CVE-2023-0795, CVE-2022-48281, CVE-2022-4645, CVE-2022-3970, CVE-2022-1354, CVE-2022-1355, CVE-2022-1622, CVE-2022-1623, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-3627, CVE-2022-3626, CVE-2022-3599, CVE-2022-3598, CVE-2022-3597, CVE-2022-3570, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-34526, CVE-2022-2953, CVE-2023-30086, CVE-2023-30774, CVE-2023-25435, CVE-2023-25434 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libudev1 CVE-2022-4415, CVE-2022-3821 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libwebpdemux2 CVE-2023-1999 https://nvd.nist.gov/vuln/detail/CVE-2023-1999 This hyperlink is taking you to a website outside of Dell Technologies.
libx11 CVE-2023-3138 https://nvd.nist.gov/vuln/detail/CVE-2023-3138 This hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2023-29469, CVE-2022-40303, CVE-2016-3709, CVE-2022-40304, CVE-2023-28484, CVE-2022-2309 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2022-40303 https://nvd.nist.gov/vuln/detail/CVE-2022-40303 This hyperlink is taking you to a website outside of Dell Technologies.
libxpm4 CVE-2022-4883, CVE-2022-46285, CVE-2022-44617 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libzstd1 CVE-2022-4899 https://nvd.nist.gov/vuln/detail/CVE-2022-4899 This hyperlink is taking you to a website outside of Dell Technologies.
Linux kernel CVE-2023-46862, CVE-2023-5158, CVE-2023-6039, CVE-2023-6176, CVE-2023-39198, CVE-2023-2006, CVE-2023-4244, CVE-2023-5717 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
llvm CVE-2022-4899, CVE-2023-29933, CVE-2023-29935, CVE-2023-29934, CVE-2023-29941, CVE-2023-29942 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
login_defs CVE-2023-29383 https://nvd.nist.gov/vuln/detail/CVE-2023-29383 This hyperlink is taking you to a website outside of Dell Technologies.
apache CVE-2023-35887 https://nvd.nist.gov/vuln/detail/CVE-2023-35887 This hyperlink is taking you to a website outside of Dell Technologies.
bouncy castle CVE-2022-45146 https://nvd.nist.gov/vuln/detail/CVE-2022-45146 This hyperlink is taking you to a website outside of Dell Technologies.
keycloak CVE-2023-1664, CVE-2022-4361, CVE-2023-0105, CVE-2023-2585, CVE-2023-2422, CVE-2022-1471, See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
pcre2 CVE-2022-1586 https://nvd.nist.gov/vuln/detail/CVE-2022-1586 This hyperlink is taking you to a website outside of Dell Technologies.
perl CVE-2023-31484 https://nvd.nist.gov/vuln/detail/CVE-2023-31484 This hyperlink is taking you to a website outside of Dell Technologies.
pip CVE-2021-3572 https://nvd.nist.gov/vuln/detail/CVE-2021-3572 This hyperlink is taking you to a website outside of Dell Technologies.
protobuf-c CVE-2022-48468 https://nvd.nist.gov/vuln/detail/CVE-2022-48468 This hyperlink is taking you to a website outside of Dell Technologies.
qt5-srpm-macros CVE-2023-34410, CVE-2021-38593, CVE-2023-24607, CVE-2023-33285 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
requests CVE-2023-32681 https://nvd.nist.gov/vuln/detail/CVE-2023-32681 This hyperlink is taking you to a website outside of Dell Technologies.
rpm CVE-2021-35939, CVE-2021-35938, CVE-2021-35937 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
semver CVE-2022-25883 https://nvd.nist.gov/vuln/detail/CVE-2022-25883 This hyperlink is taking you to a website outside of Dell Technologies.
setuptools CVE-2022-40897 https://nvd.nist.gov/vuln/detail/CVE-2022-40897 This hyperlink is taking you to a website outside of Dell Technologies.
shadow CVE-2023-29383 https://nvd.nist.gov/vuln/detail/CVE-2023-29383 This hyperlink is taking you to a website outside of Dell Technologies.
systemd CVE-2022-3821, CVE-2022-4415, CVE-2022-2526, CVE-2023-26604 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
tar CVE-2022-48303 https://nvd.nist.gov/vuln/detail/CVE-2022-48303 This hyperlink is taking you to a website outside of Dell Technologies.
terminfo-base CVE-2023-29491 https://nvd.nist.gov/vuln/detail/CVE-2023-29491 This hyperlink is taking you to a website outside of Dell Technologies.
urllib3 CVE-2020-26137, CVE-2021-33503 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2023-2609, CVE-2023-2426, CVE-2023-2610, CVE-2022-1897, CVE-2022-1927, CVE-2022-1785, See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
zlib CVE-2022-37434 https://nvd.nist.gov/vuln/detail/CVE-2022-37434 This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Remediated Versions Link
DELL Data Lakehouse System Software 1.0.0.0  1.0.0.0  https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/docs
 
 
Product Affected Versions Remediated Versions Link
DELL Data Lakehouse System Software 1.0.0.0  1.0.0.0  https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/docs
 
 
Customers can access the software installation process through the comprehensive Installation Guide

Revision History

RevisionDateDescription
1.02024-03-20Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

Dell Data Lakehouse

Last Published Date

20 Mar 2024

Version

2

Article Type

Dell Security Advisory

Back to Top