DSA-2023-460: Security Update for Dell Streaming Data Platform for Multiple Third-Party Component Vulnerabilities.

Summary: Dell Streaming Data Platform remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Acest articol se aplică pentru Acest articol nu se aplică pentru Acest articol nu este legat de un produs specific. Acest articol nu acoperă toate versiunile de produs existente.
Consultați alte resurse

Impact

Critical

Details

Third-party Component CVEs More Information
bind9 CVE-2022-3924, CVE-2022-38178, CVE-2022-38177, CVE-2022-3736, CVE-2022-2881, CVE-2022-3080, CVE-2022-3094, CVE-2023-2828, CVE-2023-2911, CVE-2022-2795 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
fasterXML jackson-databind CVE-2017-17485, CVE-2017-7525, CVE-2018-7489, CVE-2020-10650, CVE-2020-35490, CVE-2020-35491, CVE-2020-10673, CVE-2020-25649 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
xstream CVE-2022-41966, CVE-2022-40152, CVE-2022-40151 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
commons IO CVE-2021-29425 https://nvd.nist.gov/vuln/detail/CVE-2021-29425 This hyperlink is taking you to a website outside of Dell Technologies.
cryptography CVE-2023-38325 https://nvd.nist.gov/vuln/detail/CVE-2023-38325 This hyperlink is taking you to a website outside of Dell Technologies.
D-bus CVE-2023-34969 https://nvd.nist.gov/vuln/detail/CVE-2023-34969 This hyperlink is taking you to a website outside of Dell Technologies.
decode-uri-component CVE-2022-38900, CVE-2022-38778, See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
derby CVE-2018-1313 https://nvd.nist.gov/vuln/detail/CVE-2018-1313 This hyperlink is taking you to a website outside of Dell Technologies.
git-core CVE-2023-29007, CVE-2023-25815, CVE-2023-25652 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
cloudflare CVE-2023-1732 https://nvd.nist.gov/vuln/detail/CVE-2023-1732 This hyperlink is taking you to a website outside of Dell Technologies.
saml CVE-2023-28119, CVE-2022-41912 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
prometheus Exporter Toolkit CVE-2022-46146 https://nvd.nist.gov/vuln/detail/CVE-2022-46146 This hyperlink is taking you to a website outside of Dell Technologies.
goxmldsig CVE-2020-7711 https://nvd.nist.gov/vuln/detail/CVE-2020-7711 This hyperlink is taking you to a website outside of Dell Technologies.
rekor CVE-2023-30551, CVE-2023-33199 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
glob-parent CVE-2021-35065 https://nvd.nist.gov/vuln/detail/CVE-2021-35065 This hyperlink is taking you to a website outside of Dell Technologies.
go CVE-2022-32190 https://nvd.nist.gov/vuln/detail/CVE-2022-32190 This hyperlink is taking you to a website outside of Dell Technologies.
crypto CVE-2020-9283 https://nvd.nist.gov/vuln/detail/CVE-2020-9283 This hyperlink is taking you to a website outside of Dell Technologies.
http-cache-semantics CVE-2022-25881 https://nvd.nist.gov/vuln/detail/CVE-2022-25881 This hyperlink is taking you to a website outside of Dell Technologies.
fabric8_kubernetes-client CVE-2021-20218 https://nvd.nist.gov/vuln/detail/CVE-2021-20218 This hyperlink is taking you to a website outside of Dell Technologies.
Netty CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2022-41881, CVE-2021-37136, CVE-2021-37137, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-43797, CVE-2022-24823, CVE-2023-34462, CVE-2021-37136, CVE-2021-37137, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-43797 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Netty CVE-2022-41881 https://nvd.nist.gov/vuln/detail/CVE-2022-41881 This hyperlink is taking you to a website outside of Dell Technologies.
Nettty-codec-http3 CVE-2021-21409 https://nvd.nist.gov/vuln/detail/CVE-2021-21409 This hyperlink is taking you to a website outside of Dell Technologies.
Quarkus  CVE-2022-4147, CVE-2023-0044, CVE-2022-4116 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
java CVE-2023-21830, CVE-2023-21835 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-21930, CVE-2023-25193, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-22041, See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk-headless CVE-2023-21930, CVE-2023-25193, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-22041 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
json5 CVE-2022-46175 https://nvd.nist.gov/vuln/detail/CVE-2022-46175 This hyperlink is taking you to a website outside of Dell Technologies.
Kubernetes CVE-2020-8565, CVE-2019-11255 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
kotlin-stdlib CVE-2020-29582, CVE-2022-24329 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apparmor CVE-2016-1585 https://nvd.nist.gov/vuln/detail/CVE-2016-1585 This hyperlink is taking you to a website outside of Dell Technologies.
avahi CVE-2023-1981, CVE-2023-38469, CVE-2023-38471, CVE-2023-38470, CVE-2023-38472, CVE-2023-38473 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
FFmpeg CVE-2022-48434, CVE-2022-3964, CVE-2022-3109, CVE-2022-3341 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2020-1751 https://nvd.nist.gov/vuln/detail/CVE-2020-1751 This hyperlink is taking you to a website outside of Dell Technologies.
libcap-progs CVE-2023-2603 https://nvd.nist.gov/vuln/detail/CVE-2023-2603 This hyperlink is taking you to a website outside of Dell Technologies.
libcares2 CVE-2023-32067, CVE-2023-31147, CVE-2023-31130 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libc-bin CVE-2021-3999 https://nvd.nist.gov/vuln/detail/CVE-2021-3999
libcups3 CVE-2023-34241 https://nvd.nist.gov/vuln/detail/CVE-2023-34241
curl CVE-2023-23914, CVE-2022-43551, CVE-2022-42916, CVE-2022-32221, CVE-2023-23916, CVE-2023-23915, CVE-2022-43552, CVE-2023-28319, CVE-2023-28321, CVE-2023-28320 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libcurl CVE-2023-23914, CVE-2022-43551, CVE-2022-42916, CVE-2023-23915 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libdbus-1-3 CVE-2023-34969 https://nvd.nist.gov/vuln/detail/CVE-2023-34969 This hyperlink is taking you to a website outside of Dell Technologies.
libexpat2 CVE-2022-40674 https://nvd.nist.gov/vuln/detail/CVE-2022-40674 This hyperlink is taking you to a website outside of Dell Technologies.
libglib2.0-1 CVE-2023-32643, CVE-2023-32636, CVE-2023-32611, CVE-2023-29499 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libgnutls31 CVE-2022-2509 https://nvd.nist.gov/vuln/detail/CVE-2022-2509 This hyperlink is taking you to a website outside of Dell Technologies.
GNU Compiler Collection (GCC) CVE-2018-12886 https://nvd.nist.gov/vuln/detail/CVE-2018-12886 This hyperlink is taking you to a website outside of Dell Technologies.
libjpeg-turbo CVE-2023-2804 https://nvd.nist.gov/vuln/detail/CVE-2023-2804 This hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2022-42898 https://nvd.nist.gov/vuln/detail/CVE-2022-42898 This hyperlink is taking you to a website outside of Dell Technologies.
libllvm16 CVE-2023-29932, CVE-2023-29934, CVE-2023-29933 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libncurses CVE-2022-29458 https://nvd.nist.gov/vuln/detail/CVE-2022-29458 This hyperlink is taking you to a website outside of Dell Technologies.
libncursesw6 CVE-2023-29491 https://nvd.nist.gov/vuln/detail/CVE-2023-29491 This hyperlink is taking you to a website outside of Dell Technologies.  
libopenssl1_1 CVE-2023-0465 https://nvd.nist.gov/vuln/detail/CVE-2023-0465 This hyperlink is taking you to a website outside of Dell Technologies.
libpcre2-8-1 CVE-2022-1587 https://nvd.nist.gov/vuln/detail/CVE-2022-1587 This hyperlink is taking you to a website outside of Dell Technologies.
libprocps8,procps CVE-2023-4016 https://nvd.nist.gov/vuln/detail/CVE-2023-4016 This hyperlink is taking you to a website outside of Dell Technologies.
librsvg CVE-2023-38633 https://nvd.nist.gov/vuln/detail/CVE-2023-38633 This hyperlink is taking you to a website outside of Dell Technologies.
openssl CVE-2023-0464, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2023-0466, CVE-2023-0465, CVE-2022-4304, CVE-2022-2097, CVE-2023-3446, CVE-2023-2650, CVE-2023-0464, CVE-2023-0466, CVE-2023-0465, CVE-2023-2975, CVE-2023-3446, CVE-2023-0464, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-0466, CVE-2023-0465, CVE-2023-2650, CVE-2023-0464, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2023-0466, CVE-2023-0465, CVE-2022-4304, CVE-2022-2097, CVE-2023-0465 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
systemd CVE-2022-3821 https://nvd.nist.gov/vuln/detail/CVE-2022-3821 This hyperlink is taking you to a website outside of Dell Technologies.
libtirpc CVE-2021-46828 https://nvd.nist.gov/vuln/detail/CVE-2021-46828 This hyperlink is taking you to a website outside of Dell Technologies.
libwebp7 CVE-2023-1999 https://nvd.nist.gov/vuln/detail/CVE-2023-1999 This hyperlink is taking you to a website outside of Dell Technologies.
libX11-6 CVE-2023-3138 https://nvd.nist.gov/vuln/detail/CVE-2023-3138 This hyperlink is taking you to a website outside of Dell Technologies.
libxml3 CVE-2022-40303, CVE-2023-29469, CVE-2023-28484 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libxml2-2 CVE-2023-29469, CVE-2023-28484 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
log4j CVE-2023-26464, CVE-2019-17571, CVE-2020-9493, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2021-4104 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
ncurses CVE-2022-29458 https://nvd.nist.gov/vuln/detail/CVE-2022-29458 This hyperlink is taking you to a website outside of Dell Technologies.
ncurses-utils CVE-2023-29491 https://nvd.nist.gov/vuln/detail/CVE-2023-29491 This hyperlink is taking you to a website outside of Dell Technologies.
node-jose CVE-2023-25653 https://nvd.nist.gov/vuln/detail/CVE-2023-25653 This hyperlink is taking you to a website outside of Dell Technologies.
nodejs18 CVE-2023-32067, CVE-2022-25881, CVE-2023-30581, CVE-2023-31147, CVE-2023-31130, CVE-2023-30589, CVE-2023-30590, CVE-2023-30588, CVE-2023-30585 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
npm18 CVE-2023-32067, CVE-2022-25881, CVE-2023-30581, CVE-2023-31147, CVE-2023-31130, CVE-2023-30589, CVE-2023-30590, CVE-2023-30588, CVE-2023-30585 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
apache bookkeeper  CVE-2022-32531 https://nvd.nist.gov/vuln/detail/CVE-2022-32531 This hyperlink is taking you to a website outside of Dell Technologies.
apache aalcite CVE-2022-39135, CVE-2020-13955 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
apache hadoop CVE-2016-6811, CVE-2017-7669, CVE-2020-9492, CVE-2021-37404, CVE-2022-26612 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
apache hadoop-hdfs CVE-2016-6811, CVE-2017-15718, CVE-2017-3166, CVE-2018-1296, CVE-2018-8029, CVE-2020-9492, CVE-2021-33036, CVE-2022-25168, CVE-2017-15713 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
apache hadoop CVE-2021-33036 https://nvd.nist.gov/vuln/detail/CVE-2021-33036
apache commons HttpClient CVE-2012-6153, CVE-2011-1498, CVE-2014-3577, CVE-2015-5262 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
apache james mime4j CVE-2022-45787 https://nvd.nist.gov/vuln/detail/CVE-2022-45787 This hyperlink is taking you to a website outside of Dell Technologies.
apache spark CVE-2018-17190 https://nvd.nist.gov/vuln/detail/CVE-2018-17190 This hyperlink is taking you to a website outside of Dell Technologies.
apache sshd CVE-2022-45047 https://nvd.nist.gov/vuln/detail/CVE-2022-45047 This hyperlink is taking you to a website outside of Dell Technologies.
apache zookeeper CVE-2016-5017, CVE-2017-5637, CVE-2018-8012, CVE-2019-0201 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
jetty CVE-2021-28169, CVE-2021-34429 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
jsoup CVE-2022-36033 https://nvd.nist.gov/vuln/detail/CVE-2022-36033 This hyperlink is taking you to a website outside of Dell Technologies.
keycloak-core CVE-2022-1245, CVE-2021-3754, CVE-2021-20323, CVE-2021-3827, CVE-2022-0225, CVE-2022-1466 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
keycloak-server CVE-2023-2585 https://access.redhat.com/security/cve/cve-2023-2585  This hyperlink is taking you to a website outside of Dell Technologies.
keycloak CVE-2023-0264, CVE-2023-2422, CVE-2022-4361, CVE-2022-1274, CVE-2022-1438, CVE-2023-2585 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
https://access.redhat.com/security/cve/cve-2023-2585  This hyperlink is taking you to a website outside of Dell Technologies.
https://access.redhat.com/security/cve/cve-2023-2585  This hyperlink is taking you to a website outside of Dell Technologies.
postgresql CVE-2022-41946  https://nvd.nist.gov/vuln/detail/CVE-2022-41946 This hyperlink is taking you to a website outside of Dell Technologies.
wildfly-elytron CVE-2022-3143  https://nvd.nist.gov/vuln/detail/CVE-2022-3143 This hyperlink is taking you to a website outside of Dell Technologies.
snakeYaml CVE-2017-18640  https://nvd.nist.gov/vuln/detail/CVE-2017-18640 This hyperlink is taking you to a website outside of Dell Technologies.
pyspark CVE-2023-32007, CVE-2021-38296, CVE-2022-33891, CVE-2020-27218 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
python CVE-2022-42919, CVE-2018-25032, CVE-2020-10735, CVE-2015-20107, CVE-2023-27043, CVE-2023-24329, CVE-2023-32681 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
qs CVE-2022-24999 https://nvd.nist.gov/vuln/detail/CVE-2022-24999 This hyperlink is taking you to a website outside of Dell Technologies.
busybox CVE-2022-30065 https://nvd.nist.gov/vuln/detail/CVE-2022-30065 This hyperlink is taking you to a website outside of Dell Technologies.
xerces_xercesImpl CVE-2012-0881, CVE-2013-4002, CVE-2009-2625 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
zlib CVE-2022-37434  https://nvd.nist.gov/vuln/detail/CVE-2022-37434 This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Produse afectate și măsuri de remediere

Product Affected Versions Remediated Versions Link
Dell Streaming Data Platform Versions 1.1.x through 1.8.x  1.9.0 https://www.dell.com/support/home/product-support/product/streaming-data-platform/drivers
 
Product Affected Versions Remediated Versions Link
Dell Streaming Data Platform Versions 1.1.x through 1.8.x  1.9.0 https://www.dell.com/support/home/product-support/product/streaming-data-platform/drivers
 
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Revision History

RevisionDateDescription
1.02023-12-19Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Exonerare de răspundere

Produse afectate

Streaming Data Platform Family, Streaming Data Platform
Proprietăți articol
Article Number: 000220577
Article Type: Dell Security Advisory
Ultima modificare: 19 sept. 2025
Găsiți răspunsuri la întrebările dvs. de la alți utilizatori Dell
Servicii de asistență
Verificați dacă dispozitivul dvs. este acoperit de serviciile de asistență.