DSA-2023-303: Security Update for Dell Streaming Data Platform
摘要: Dell Streaming Data Platform remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
影响
Critical
详情
| Third-party Component | CVEs | More Information |
|---|---|---|
| busybox | CVE-2022-28391, CVE-2021-42377, CVE-2021-42373 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/  |
| ca-certificates | CVE-2022-23491 | https://nvd.nist.gov/vuln/detail/CVE-2022-23491 |
| fasterXML jackson-databind | CVE-2018-7489, CVE-2020-36518, CVE-2021-46877, CVE-2020-10650, CVE-2020-10673, CVE-2020-25649, CVE-2020-35490, CVE-2020-35491 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| protobuf-java | CVE-2021-22569, CVE-2022-3509, CVE-2022-3510 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| com.thoughtworks.xstream_xstream | CVE-2022-40151 | https://nvd.nist.gov/vuln/detail/CVE-2022-40151 |
| cryptography | CVE-2023-0286, CVE-2023-23931 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| dpkg | CVE-2022-1664 | https://nvd.nist.gov/vuln/detail/CVE-2022-1664 |
| libexpat | CVE-2022-43680 | https://nvd.nist.gov/vuln/detail/CVE-2022-43680 |
| containerd | CVE-2022-23471, CVE-2023-25173 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| docker | CVE-2023-28840, CVE-2023-28841, CVE-2023-28842 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| runc | CVE-2023-27561, CVE-2023-28642 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| client_golang | CVE-2022-21698 | https://nvd.nist.gov/vuln/detail/CVE-2022-21698 |
| prometheus exporter-toolkit | CVE-2022-46146 | https://nvd.nist.gov/vuln/detail/CVE-2022-46146 |
| go | CVE-2023-24536, CVE-2022-41725, CVE-2023-24537, CVE-2023-24532, CVE-2023-24534, CVE-2022-41724, CVE-2023-24538, CVE-2022-41716, CVE-2022-41723, CVE-2022-41717, CVE-2022-41715, CVE-2022-2880, CVE-2022-2879, CVE-2023-29013, CVE-2022-30635, CVE-2022-32190, CVE-2022-1705, CVE-2022-30633, CVE-2022-30630, CVE-2022-1962, CVE-2022-30632, CVE-2022-30631, CVE-2022-28131, CVE-2022-32148, CVE-2022-32189, CVE-2022-30580, CVE-2021-33194, CVE-2021-33195, CVE-2021-41772, CVE-2020-24553, CVE-2022-24921, CVE-2020-28367, CVE-2022-24675, CVE-2021-41771, CVE-2022-23772, CVE-2021-34558, CVE-2021-38297, CVE-2020-28362, CVE-2021-39293, CVE-2022-23806, CVE-2022-28327, CVE-2020-28366, CVE-2021-33198, CVE-2021-33196, CVE-2020-29510, CVE-2022-23773, CVE-2021-36221, CVE-2021-3114, CVE-2021-33197, CVE-2021-27918, CVE-2021-29923 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| golang.org/x/crypto | CVE-2021-43565, CVE-2022-1996, CVE-2022-27191 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| golang.org/x/net | CVE-2022-27664, CVE-2022-41723, CVE-2022-41721 | |
| golang.org/x/sys | CVE-2022-29526 | https://nvd.nist.gov/vuln/detail/CVE-2022-29526 |
| gzip | CVE-2022-1271 | https://nvd.nist.gov/vuln/detail/CVE-2022-1271 |
| netty | CVE-2022-24823, CVE-2022-41915 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| ipython | CVE-2023-24816 | https://nvd.nist.gov/vuln/detail/CVE-2023-24816 |
| kubernetes | CVE-2020-8558, CVE-2021-25741 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| glibc | CVE-2020-1751, CVE-2020-1752, CVE-2020-6096, CVE-2021-3326, CVE-2021-33574, CVE-2021-35942, CVE-2022-23218, CVE-2022-23219 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| curl | CVE-2022-42916, CVE-2022-43551, CVE-2023-23914, CVE-2023-23915 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| libgcc1 | CVE-2018-12886 | https://nvd.nist.gov/vuln/detail/CVE-2018-12886 |
| gnuTLS | CVE-2023-0361 | https://nvd.nist.gov/vuln/detail/CVE-2023-0361 |
| ncurses | CVE-2023-29491, CVE-2022-29458 | https://nvd.nist.gov/vuln/detail/CVE-2023-29491 |
| cpan | CVE-2020-16156 | https://nvd.nist.gov/vuln/detail/CVE-2020-16156 |
| openssl | CVE-2022-4450, CVE-2023-0215, CVE-2022-4304, CVE-2023-0464, CVE-2023-0466, CVE-2023-0465, | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| systemd | CVE-2022-3821, CVE-2022-4415 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| libxml2 | CVE-2023-28484 | https://nvd.nist.gov/vuln/detail/CVE-2023-28484 |
| npm | CVE-2022-29244 | https://nvd.nist.gov/vuln/detail/CVE-2022-29244 |
| oauthlib | CVE-2022-36087 | https://nvd.nist.gov/vuln/detail/CVE-2022-36087 |
| Apache common text | CVE-2022-42889 | https://nvd.nist.gov/vuln/detail/CVE-2022-42889 |
| Apache hadoop | CVE-2022-25168 | https://nvd.nist.gov/vuln/detail/CVE-2022-25168 |
| Apache spark | CVE-2023-22946 | https://nvd.nist.gov/vuln/detail/CVE-2023-22946 |
| jetty | CVE-2023-26049, CVE-2023-26048 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| keycloak | CVE-2022-1245, CVE-2021-3754, CVE-2022-1466, CVE-2022-0225, CVE-2021-20323, CVE-2021-3827 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| snakeYaml | CVE-2022-1471 | https://nvd.nist.gov/vuln/detail/CVE-2022-1471 |
| python | CVE-2015-20107, CVE-2022-42919, CVE-2023-27043, CVE-2023-24329, CVE-2020-10735 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| python3 | CVE-2022-45061, CVE-2022-37454, CVE-2022-42919 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| setuptools | CVE-2022-40897 | https://nvd.nist.gov/vuln/detail/CVE-2022-40897 |
| sqlite | CVE-2022-46908 | https://nvd.nist.gov/vuln/detail/CVE-2022-46908 |
| sudo | CVE-2023-22809, CVE-2023-28487, CVE-2023-28486 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| tar | CVE-2022-48303 | https://nvd.nist.gov/vuln/detail/CVE-2022-48303 |
| wheel | CVE-2022-40898 | https://nvd.nist.gov/vuln/detail/CVE-2022-40898 |
| zlib | CVE-2018-25032, CVE-2022-37434 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Third-party Component | CVEs | More Information |
|---|---|---|
| busybox | CVE-2022-28391, CVE-2021-42377, CVE-2021-42373 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| ca-certificates | CVE-2022-23491 | https://nvd.nist.gov/vuln/detail/CVE-2022-23491 |
| fasterXML jackson-databind | CVE-2018-7489, CVE-2020-36518, CVE-2021-46877, CVE-2020-10650, CVE-2020-10673, CVE-2020-25649, CVE-2020-35490, CVE-2020-35491 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| protobuf-java | CVE-2021-22569, CVE-2022-3509, CVE-2022-3510 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| com.thoughtworks.xstream_xstream | CVE-2022-40151 | https://nvd.nist.gov/vuln/detail/CVE-2022-40151 |
| cryptography | CVE-2023-0286, CVE-2023-23931 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| dpkg | CVE-2022-1664 | https://nvd.nist.gov/vuln/detail/CVE-2022-1664 |
| libexpat | CVE-2022-43680 | https://nvd.nist.gov/vuln/detail/CVE-2022-43680 |
| containerd | CVE-2022-23471, CVE-2023-25173 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| docker | CVE-2023-28840, CVE-2023-28841, CVE-2023-28842 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| runc | CVE-2023-27561, CVE-2023-28642 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| client_golang | CVE-2022-21698 | https://nvd.nist.gov/vuln/detail/CVE-2022-21698 |
| prometheus exporter-toolkit | CVE-2022-46146 | https://nvd.nist.gov/vuln/detail/CVE-2022-46146 |
| go | CVE-2023-24536, CVE-2022-41725, CVE-2023-24537, CVE-2023-24532, CVE-2023-24534, CVE-2022-41724, CVE-2023-24538, CVE-2022-41716, CVE-2022-41723, CVE-2022-41717, CVE-2022-41715, CVE-2022-2880, CVE-2022-2879, CVE-2023-29013, CVE-2022-30635, CVE-2022-32190, CVE-2022-1705, CVE-2022-30633, CVE-2022-30630, CVE-2022-1962, CVE-2022-30632, CVE-2022-30631, CVE-2022-28131, CVE-2022-32148, CVE-2022-32189, CVE-2022-30580, CVE-2021-33194, CVE-2021-33195, CVE-2021-41772, CVE-2020-24553, CVE-2022-24921, CVE-2020-28367, CVE-2022-24675, CVE-2021-41771, CVE-2022-23772, CVE-2021-34558, CVE-2021-38297, CVE-2020-28362, CVE-2021-39293, CVE-2022-23806, CVE-2022-28327, CVE-2020-28366, CVE-2021-33198, CVE-2021-33196, CVE-2020-29510, CVE-2022-23773, CVE-2021-36221, CVE-2021-3114, CVE-2021-33197, CVE-2021-27918, CVE-2021-29923 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| golang.org/x/crypto | CVE-2021-43565, CVE-2022-1996, CVE-2022-27191 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| golang.org/x/net | CVE-2022-27664, CVE-2022-41723, CVE-2022-41721 | |
| golang.org/x/sys | CVE-2022-29526 | https://nvd.nist.gov/vuln/detail/CVE-2022-29526 |
| gzip | CVE-2022-1271 | https://nvd.nist.gov/vuln/detail/CVE-2022-1271 |
| netty | CVE-2022-24823, CVE-2022-41915 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| ipython | CVE-2023-24816 | https://nvd.nist.gov/vuln/detail/CVE-2023-24816 |
| kubernetes | CVE-2020-8558, CVE-2021-25741 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| glibc | CVE-2020-1751, CVE-2020-1752, CVE-2020-6096, CVE-2021-3326, CVE-2021-33574, CVE-2021-35942, CVE-2022-23218, CVE-2022-23219 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| curl | CVE-2022-42916, CVE-2022-43551, CVE-2023-23914, CVE-2023-23915 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| libgcc1 | CVE-2018-12886 | https://nvd.nist.gov/vuln/detail/CVE-2018-12886 |
| gnuTLS | CVE-2023-0361 | https://nvd.nist.gov/vuln/detail/CVE-2023-0361 |
| ncurses | CVE-2023-29491, CVE-2022-29458 | https://nvd.nist.gov/vuln/detail/CVE-2023-29491 |
| cpan | CVE-2020-16156 | https://nvd.nist.gov/vuln/detail/CVE-2020-16156 |
| openssl | CVE-2022-4450, CVE-2023-0215, CVE-2022-4304, CVE-2023-0464, CVE-2023-0466, CVE-2023-0465, | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| systemd | CVE-2022-3821, CVE-2022-4415 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| libxml2 | CVE-2023-28484 | https://nvd.nist.gov/vuln/detail/CVE-2023-28484 |
| npm | CVE-2022-29244 | https://nvd.nist.gov/vuln/detail/CVE-2022-29244 |
| oauthlib | CVE-2022-36087 | https://nvd.nist.gov/vuln/detail/CVE-2022-36087 |
| Apache common text | CVE-2022-42889 | https://nvd.nist.gov/vuln/detail/CVE-2022-42889 |
| Apache hadoop | CVE-2022-25168 | https://nvd.nist.gov/vuln/detail/CVE-2022-25168 |
| Apache spark | CVE-2023-22946 | https://nvd.nist.gov/vuln/detail/CVE-2023-22946 |
| jetty | CVE-2023-26049, CVE-2023-26048 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| keycloak | CVE-2022-1245, CVE-2021-3754, CVE-2022-1466, CVE-2022-0225, CVE-2021-20323, CVE-2021-3827 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| snakeYaml | CVE-2022-1471 | https://nvd.nist.gov/vuln/detail/CVE-2022-1471 |
| python | CVE-2015-20107, CVE-2022-42919, CVE-2023-27043, CVE-2023-24329, CVE-2020-10735 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| python3 | CVE-2022-45061, CVE-2022-37454, CVE-2022-42919 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| setuptools | CVE-2022-40897 | https://nvd.nist.gov/vuln/detail/CVE-2022-40897 |
| sqlite | CVE-2022-46908 | https://nvd.nist.gov/vuln/detail/CVE-2022-46908 |
| sudo | CVE-2023-22809, CVE-2023-28487, CVE-2023-28486 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| tar | CVE-2022-48303 | https://nvd.nist.gov/vuln/detail/CVE-2022-48303 |
| wheel | CVE-2022-40898 | https://nvd.nist.gov/vuln/detail/CVE-2022-40898 |
| zlib | CVE-2018-25032, CVE-2022-37434 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
受影响的产品和补救措施
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell Streaming Data Platform | Versions 1.1.x through 1.7.x | 1.8.0 | https://www.dell.com/support/home/product-support/product/streaming-data-platform/drivers |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell Streaming Data Platform | Versions 1.1.x through 1.7.x | 1.8.0 | https://www.dell.com/support/home/product-support/product/streaming-data-platform/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
修订历史记录
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-09-13 | Initial Release |
相关信息
法律免责声明
受影响的产品
Streaming Data Platform Family, Streaming Data Platform文章属性
文章编号: 000217490
文章类型: Dell Security Advisory
上次修改时间: 19 9月 2025
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。