DSA-2023-381: Security Update for Dell ObjectScale 1.3 Vulnerabilities
Riepilogo: Dell ObjectScale 1.3 remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected systems
Questo articolo si applica a
Questo articolo non si applica a
Questo articolo non è legato a un prodotto specifico.
Non tutte le versioni del prodotto sono identificate in questo articolo.
Impatto
Critical
Dettagli
| Third-Party Component Name | CVEs | More Information |
|---|---|---|
| Apache Commons Net | CVE-2021-37533 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/  |
| cryptography | CVE-2020-36242 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| curl | CVE-2023-27538, CVE-2022-32221, CVE-2023-28319 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Git | CVE-2023-23946, CVE-2023-22490, CVE-2022-23521, CVE-2022-41903, CVE-2022-39260, CVE-2022-39253, CVE-2022-29187, CVE-2022-24765, CVE-2022-24975, CVE-2021-21300 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| github.com/containerd/containerd |
CVE-2023-25173, CVE-2023-25153 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| github.com/docker/docker |
CVE-2023-28840, CVE-2023-28841, CVE-2023-28842 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| github.com/prometheus/exporter-toolkit |
CVE-2022-46146 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| github.com/snowflakedb/gosnowflake |
CVE-2023-34231 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| glibc | CVE-2023-0687 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| go | CVE-2020-24553, CVE-2021-3114, CVE-2021-41772, CVE-2021-29923, CVE-2021-38297, CVE-2021-36221, CVE-2020-14039, CVE-2021-41771, CVE-2020-16845, CVE-2020-28362, CVE-2021-33198, CVE-2021-33196, CVE-2021-39293, CVE-2021-34558, CVE-2021-27918, CVE-2020-29510, CVE-2021-33195, CVE-2020-28367, CVE-2020-15586, CVE-2021-33197, CVE-2020-28366, CVE-2020-7919 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| golang.org/x/crypto |
CVE-2020-29652 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| golang.org/x/net |
CVE-2021-31525, CVE-2021-33194, CVE-2022-41721 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| golang.org/x/text |
CVE-2022-32149, CVE-2021-38561 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Grafana | CVE-2022-21713, CVE-2022-21703, CVE-2021-43815, CVE-2022-29170 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| helm/helm | CVE-2022-23526, CVE-2022-23525, CVE-2022-23524 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| jackson-databind | CVE-2021-46877 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Jettison - Json Stax implementation | CVE-2022-45685, CVE-2022-45693, CVE-2023-1436 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| less | CVE-2022-46663 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| protobuf-java | CVE-2022-3509, CVE-2022-3510, CVE-2022-3171, CVE-2021-22570 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Python programming language | CVE-2022-37454 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| python-wheel | CVE-2022-40898 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| SnakeYAML | CVE-2022-1471 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Spring Framework | CVE-2023-20860, CVE-2023-20861, CVE-2023-20863 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| sudo | CVE-2023-28487, CVE-2023-28486, CVE-2023-27320 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Vim | CVE-2023-1175, CVE-2023-1170, CVE-2023-1127, CVE-2023-0512, CVE-2023-0433, CVE-2023-1355, CVE-2023-1264 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
Prodotti interessati e correzione
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell ObjectScale | Versions 1.0.0, 1.0.1, 1.0.2, and 1.2.0 | Version 1.3.0 | To upgrade to ObjectScale 1.3.0 from older versions, please open a Technical Support case to assist with the ObjectScale upgrade to 1.3.0. https://www.dell.com/support/incidents-online/ |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell ObjectScale | Versions 1.0.0, 1.0.1, 1.0.2, and 1.2.0 | Version 1.3.0 | To upgrade to ObjectScale 1.3.0 from older versions, please open a Technical Support case to assist with the ObjectScale upgrade to 1.3.0. https://www.dell.com/support/incidents-online/ |
Soluzioni alternative e mitigazioni
None
Cronologia delle revisioni
| Revision | Date | Description |
| 1.0 | 2023-10-17 | Initial Release |
| 2.0 | 2023-11-27 | Updated language in the Affected Products and Remediation Table. Separated instructions for fresh installations and upgrading to 1.3.0 into two distinct line items. Updates are for enhanced presentation only, does not change the content. |
Informazioni correlate
Dichiarazione di non responsabilità
Prodotti interessati
ObjectScaleProprietà dell'articolo
Numero articolo: 000218660
Tipo di articolo: Dell Security Advisory
Ultima modifica: 08 nov 2025
Trova risposta alle tue domande dagli altri utenti Dell
Support Services
Verifica che il dispositivo sia coperto dai Servizi di supporto.