DSA-2023-127: Dell PowerProtect Data Manager Security Update for Multiple Security Vulnerabilities
摘要: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Critical
詳細資料
Operating System Components CVE Details:
PPDM Core
PPDM-UI
PPDM Cloud Disaster Recovery
PPDM Kubernetes cProxy
PPDM Native Reporting
Cloud Snapshot Manager
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| libpython3_6m1_0=3.6.15-32.2 python36-base=3.6.15-32.2 python36=3.6.15-32.2 |
CVE-2022-37454 | See NVD ( http://nvd.nist.gov/)  for individual scores for Each CVE |
| bind-utils=9.11.22-3.43.1 libbind9-161=9.11.22-3.43.1 libdns1110=9.11.22-3.43.1 libirs161=9.11.22-3.43.1 libisc1107=9.11.22-3.43.1 libisccc161=9.11.22-3.43.1 libisccfg163=9.11.22-3.43.1 liblwres161=9.11.22-3.43.1 python-bind=9.11.22-3.43.1 |
CVE-2022-2795 CVE-2022-38177 CVE-2022-38178 |
|
| tar-lang=1.27.1-15.18.1 tar=1.27.1-15.18.1 |
CVE-2022-48303 | |
| samba-client-libs=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs-python3=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs=4.15.13+git.534.0d9f8ece26-3.77.1 |
CVE-2021-20251 CVE-2022-38023 |
|
| libtirpc-netconfig=1.0.1-17.24.1 libtirpc3=1.0.1-17.24.1 |
CVE-2021-46828 | |
| dbus-1-x11=1.8.22-41.1 dbus-1=1.8.22-41.1 libdbus-1-3=1.8.22-41.1 |
CVE-2022-42010 | |
| libopenssl1_0_0=1.0.2p-3.64.1 libopenssl1_1=1.1.1d-2.75.1 openssl-1_0_0=1.0.2p-3.64.1 |
CVE-2023-0286 | |
| libsqlite3-0=3.39.3-9.26.1 sqlite3-tcl=3.39.3-9.26.1 |
CVE-2022-46908 | |
| libmspack0=0.4-15.13.1 | CVE-2018-18586 | |
| glibc-i18ndata=2.22-114.22.1 glibc-locale=2.22-114.22.1 glibc=2.22-114.22.1 |
CVE-2015-8985 | |
| emacs-info=24.3-25.9.1 emacs-nox=24.3-25.9.1 emacs=24.3-25.9.1 etags=24.3-25.9.1 |
CVE-2022-45939 | |
| git-core=2.26.2-27.66.1 | CVE-2023-22490 | |
| grub2-i386-pc=2.02-156.1 grub2-snapper-plugin=2.02-156.1 grub2-systemd-sleep-plugin=2.02-156.1 grub2=2.02-156.1 |
CVE-2022-2601 CVE-2022-3775 |
|
| expat=2.1.0-21.28.1 libexpat1=2.1.0-21.28.1 |
CVE-2022-43680 | |
| libxml2-2=2.9.4-46.59.2 libxml2-tools=2.9.4-46.59.2 |
CVE-2022-40303 | |
| python3-setuptools=40.6.2-4.21.1 python36-setuptools=44.1.1-8.6.1 |
CVE-2022-40897 | |
| libpython3_4m1_0=3.4.10-25.105.1 python3-base=3.4.10-25.105.1 |
CVE-2022-40899 | |
| w3m=0.5.3.git20161120-161.6.1 | CVE-2022-38223 | |
| containerd=1.6.12-16.68.1 | CVE-2022-23471 CVE-2022-27191 |
|
| libX11-6=1.6.2-12.24.1 libX11-data=1.6.2-12.24.1 |
CVE-2022-3554 CVE-2022-3555 |
|
| libsnmp30=5.7.3-11.6.1 net-snmp=5.7.3-11.6.1 perl-SNMP=5.7.3-11.6.1 snmp-mibs=5.7.3-11.6.1 |
CVE-2022-44793 | |
| vim-data-common=9.0.1234-17.12.1 vim-data=9.0.1234-17.12.1 vim=9.0.1234-17.12.1 |
CVE-2021-3928 CVE-2022-3234 CVE-2022-3235 CVE-2022-3324 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4141 CVE-2022-4292 CVE-2022-4293 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 |
|
| rpm=4.11.2-16.26.1 | CVE-2021-20271 CVE-2021-3421 |
|
| java-11-openjdk-headless=11.0.18.0-3.52.1 | CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 CVE-2022-39399 CVE-2023-21835 CVE-2023-21843 |
|
| libfreebl3-hmac=3.79.4-58.94.1 libfreebl3=3.79.4-58.94.1 libsoftokn3-hmac=3.79.4-58.94.1 libsoftokn3=3.79.4-58.94.1 mozilla-nss-certs=3.79.4-58.94.1 mozilla-nss=3.79.4-58.94.1 |
CVE-2022-23491 CVE-2022-3479 CVE-2023-0767 |
|
| krb5=1.12.5-40.46.1 | CVE-2022-42898 | |
| sudo=1.8.27-4.33.1 | CVE-2023-22809 | |
| libpython2_7-1_0=2.7.18-33.17.1 python-base=2.7.18-33.17.1 python-xml=2.7.18-33.17.1 python3=3.4.10-25.105.1 |
CVE-2022-45061 | |
| libksba8=1.3.0-24.6.1 | CVE-2022-47629 | |
| curl=7.60.0-11.55.1 libcurl4=7.60.0-11.55.1 |
CVE-2023-23916 | |
| libsystemd0=228-157.49.1 libudev1=228-157.49.1 systemd-bash-completion=228-157.49.1 systemd-sysvinit=228-157.49.1 systemd=228-157.49.1 udev=228-157.49.1 |
CVE-2022-4415 | |
| ucode-intel=20230214-3.49.1 | CVE-2022-21216 CVE-2022-33196 CVE-2022-38090 |
|
| libtasn1-6=4.9-3.13.1 libtasn1=4.9-3.13.1 |
CVE-2021-46848 | |
| python3-py=1.8.1-11.15.2 | CVE-2020-29651 CVE-2022-42969 |
|
| kernel-default=4.12.14-122.147.1 | CVE-2023-23454 | |
| libdb-4_8=4.8.30-33.1 | CVE-2019-2708 | |
| dhcp-client=4.3.3-10.28.1 dhcp=4.3.3-10.28.1 |
CVE-2022-2928 CVE-2022-2929 |
|
| kpartx=0.7.9+232+suse.cbc3754-3.14.1 | CVE-2022-41973 | |
| libpq5=15.2-3.6.1 postgresql14-server=14.7-3.20.1 postgresql14=14.7-3.20.1 |
CVE-2022-41862 |
PPDM Core
| Third Party Component | CVEs | More Information |
| jettison-1.1/jettison-1.4 Jettison - Json Stax implementation1.1 |
CVE-2022-40149 CVE-2022-40150 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| XStream1.4.19 | CVE-2022-40151 CVE-2022-40152 CVE-2022-41966 |
|
| snakeyaml-1.30 | CVE-2022-25857 | |
| jackson-databind2.13.4 | CVE-2022-42003 | |
| Apache Commons JXPath1.3 | CVE-2022-41852 CVE-2022-40159 CVE-2022-40157 CVE-2022-40160 CVE-2022-40161 CVE-2022-40158 |
|
| Apache Commons Text1.9 | CVE-2022-42889 | |
| Spring Security5.7.4 | CVE-2022-31692 CVE-2022-31690 |
|
| PostgreSQL JDBC Driver (pgjdbc)42.4.2 | CVE-2022-41946 | |
| zip4j 2.10.0/zip4j 2.11.2 | CVE-2023-22899 |
PPDM-UI
| Third-Party Component | CVEs | More Information |
| engine io 6.2.0 | CVE-2022-41940 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| glob-parent 5.1.2 | CVE-2020-28469 | |
| jszip 3.7.1 | CVE-2022-48285 | |
| minimatch 3.0.4 | CVE-2022-3517 | |
| qs 6.5.2 | CVE-2022-24999 | |
| sindresorhus/got 9.6.0 | CVE-2021-33502 | |
| socket io-parser 4.0.4 | CVE-2022-2421 | |
| terser 5.11.0 | CVE-2022-25858 |
PPDM Cloud Disaster Recovery
| Third Party Component | CVEs | More Information |
| Spring Security 5.5.7 | CVE-2022-31690 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| jackson-databind 2.13.4 | CVE-2022-42003 | |
| spring_framework_version 5.3.23 | CVE-2016-1000027 | |
| snake_yaml_version 1.31 | CVE-2022-41854 CVE-2022-38752 |
|
| jettison_version 1.5.1 | CVE-2022-45693 CVE-2022-45685 |
|
| hsql 2.6.1 | CVE-2022-41853 |
PPDM Kubernetes cProxy
| Third Party Component | CVEs | More Information |
| curl <v7.88.0 | CVE-2023-23916 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| GNU Tar 1.27.1-15.15.1 | CVE-2022-48303 |
PPDM Native Reporting
| Third Party Component | CVEs | More Information |
| Apache POI 2.5.1/Apache POI 3.10-beta2 | CVE-2017-12626 CVE-2019-12415 CVE-2016-5000 CVE-2022-26336 CVE-2017-5644 CVE-2012-0213 CVE-2014-9527 CVE-2014-3574 CVE-2014-3529 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| BeanShell 2.0b4 | CVE-2016-2510 | |
| Jsoup 1.7.3 | CVE-2021-37714 CVE-2022-36033 CVE-2015-6748 |
|
| libplexus-utils 2.0.5/ libplexus-utils 1.5.15 | CVE-2017-1000487 | |
| Maven Shared Utils 0.1 Maven Shared Utils 0.4 Maven Shared Utils 0.7 |
CVE-2022-29599 | |
| XMLBeans 2.3.0 | CVE-2021-23926 |
Cloud Snapshot Manager
| Third Party Component | CVEs | More Information |
| cryptiles 3.1.2 | CVE-2018-1000620 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| deep-extend 0.4.2 | CVE-2018-3750 | |
| extend 3.0.1 | CVE-2018-16492 CVE-2018-16492 |
|
| Handlebars.js 4.0.11 | CVE-2021-23369 CVE-2021-23383 CVE-2019-19919 |
|
| json-schema 0.2.3 | CVE-2021-3918 | |
| knex 0.14.6 | CVE-2019-10757 CVE-2019-10757 |
|
| Lodash 4.17.10 | CVE-2019-10744 CVE-2021-23337 |
|
| minimist 1.2.0 | CVE-2021-44906 | |
| mixin-deep 1.3.1 | CVE-2019-10746 | |
| set-value 0.4.3 | CVE-2021-23440 CVE-2019-10747 |
|
| y18n 4.0.0 | CVE-2020-7774 | |
| yeikos/js.merge 1.2.0 | CVE-2020-28499 | |
| ansi-regex 4.1.0 | CVE-2021-3807 | |
| Async 2.6.0 | CVE-2021-43138 | |
| axios 0.18.1 | CVE-2021-3749 | |
| dicer 0.2.5 | CVE-2022-24434 | |
| dot-prop 4.2.0 | CVE-2020-8116 | |
| doTJS v1.1.2 | CVE-2020-8141 | |
| glob-parent 2.0.0 | CVE-2020-28469 | |
| hueniverse/hawk 6.0.2 | CVE-2022-29167 | |
| ini 1.3.5 | CVE-2020-7788 | |
| kind-of 6.0.2 | CVE-2019-20149 | |
| knowledgecode/date-and-time 0.11.1 | CVE-2020-26289 | |
| moment/moment 2.24.0 | CVE-2022-24785 CVE-2022-31129 |
|
| node-forge 0.8.4 | CVE-2022-24771 CVE-2022-24772 CVE-2020-7720 |
|
| Nodemailerv 6.4.18 | CVE-2021-23400 | |
| path-parse 1.0.5 | CVE-2021-23343 | |
| pathval 1.1.0 | CVE-2020-7751 | |
| redis 2.8.0 | CVE-2021-29469 | |
| simple-getv 3.1.0 | CVE-2022-0355 | |
| tar v4.4.10 | CVE-2021-32803 CVE-2021-32804 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 |
|
| tmpl 1.0.4 | CVE-2021-3777 | |
| Underscore.js 1.9.1 | CVE-2021-23358 | |
| validator.js 9.4.1 | CVE-2021-3765 | |
| ajv 5.5.2 | CVE-2020-15366 | |
| bl 4.0.2 | CVE-2020-8244 | |
| debug-js/debug 2.2.0 | CVE-2017-16137 | |
| follow-redirects 1.7.0 | CVE-2022-0155 CVE-2022-0536 |
|
| hosted-git-info 2.7.1 | CVE-2021-23362 | |
| jszip 3.2.2 | CVE-2021-21366 CVE-2021-32796 |
|
| micromatch/braces 1.8.5 | CVE-2018-1109 | |
| mikaelbr/node-notifier 5.2.1 | CVE-2020-7789 | |
| node-fetch 2.6.0 | CVE-2020-15168 CVE-2022-0235 |
|
| Passport.js 0.3.2 | CVE-2022-25896 | |
| randomatic 1.1.7 | CVE-2017-16028 | |
| stringstream 0.0.5 | CVE-2018-21270 | |
| undefsafe 2.0.2 | CVE-2019-10795 | |
| xmldom 0.1.27 | CVE-2021-21366 CVE-2021-32796 |
|
| yargs-parser 2.4.1 | CVE-2020-7608 | |
| Chownr 1.0.1 | CVE-2017-18869 |
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| SQLite 3.38.1 SQLite 3.39.4 |
CVE-2022-35737 CVE-2022-46908 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| Zlib 1.2.11 | CVE-2022-37434 CVE-2018-25032 |
|
| Libxml 2.9.14 | CVE-2022-40304 CVE-2022-40303 |
|
| Libcurl 7.86 | CVE-2022-43551 CVE-2022-43552 |
Operating System Components CVE Details:
PPDM Core
PPDM-UI
PPDM Cloud Disaster Recovery
PPDM Kubernetes cProxy
PPDM Native Reporting
Cloud Snapshot Manager
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| libpython3_6m1_0=3.6.15-32.2 python36-base=3.6.15-32.2 python36=3.6.15-32.2 |
CVE-2022-37454 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| bind-utils=9.11.22-3.43.1 libbind9-161=9.11.22-3.43.1 libdns1110=9.11.22-3.43.1 libirs161=9.11.22-3.43.1 libisc1107=9.11.22-3.43.1 libisccc161=9.11.22-3.43.1 libisccfg163=9.11.22-3.43.1 liblwres161=9.11.22-3.43.1 python-bind=9.11.22-3.43.1 |
CVE-2022-2795 CVE-2022-38177 CVE-2022-38178 |
|
| tar-lang=1.27.1-15.18.1 tar=1.27.1-15.18.1 |
CVE-2022-48303 | |
| samba-client-libs=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs-python3=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs=4.15.13+git.534.0d9f8ece26-3.77.1 |
CVE-2021-20251 CVE-2022-38023 |
|
| libtirpc-netconfig=1.0.1-17.24.1 libtirpc3=1.0.1-17.24.1 |
CVE-2021-46828 | |
| dbus-1-x11=1.8.22-41.1 dbus-1=1.8.22-41.1 libdbus-1-3=1.8.22-41.1 |
CVE-2022-42010 | |
| libopenssl1_0_0=1.0.2p-3.64.1 libopenssl1_1=1.1.1d-2.75.1 openssl-1_0_0=1.0.2p-3.64.1 |
CVE-2023-0286 | |
| libsqlite3-0=3.39.3-9.26.1 sqlite3-tcl=3.39.3-9.26.1 |
CVE-2022-46908 | |
| libmspack0=0.4-15.13.1 | CVE-2018-18586 | |
| glibc-i18ndata=2.22-114.22.1 glibc-locale=2.22-114.22.1 glibc=2.22-114.22.1 |
CVE-2015-8985 | |
| emacs-info=24.3-25.9.1 emacs-nox=24.3-25.9.1 emacs=24.3-25.9.1 etags=24.3-25.9.1 |
CVE-2022-45939 | |
| git-core=2.26.2-27.66.1 | CVE-2023-22490 | |
| grub2-i386-pc=2.02-156.1 grub2-snapper-plugin=2.02-156.1 grub2-systemd-sleep-plugin=2.02-156.1 grub2=2.02-156.1 |
CVE-2022-2601 CVE-2022-3775 |
|
| expat=2.1.0-21.28.1 libexpat1=2.1.0-21.28.1 |
CVE-2022-43680 | |
| libxml2-2=2.9.4-46.59.2 libxml2-tools=2.9.4-46.59.2 |
CVE-2022-40303 | |
| python3-setuptools=40.6.2-4.21.1 python36-setuptools=44.1.1-8.6.1 |
CVE-2022-40897 | |
| libpython3_4m1_0=3.4.10-25.105.1 python3-base=3.4.10-25.105.1 |
CVE-2022-40899 | |
| w3m=0.5.3.git20161120-161.6.1 | CVE-2022-38223 | |
| containerd=1.6.12-16.68.1 | CVE-2022-23471 CVE-2022-27191 |
|
| libX11-6=1.6.2-12.24.1 libX11-data=1.6.2-12.24.1 |
CVE-2022-3554 CVE-2022-3555 |
|
| libsnmp30=5.7.3-11.6.1 net-snmp=5.7.3-11.6.1 perl-SNMP=5.7.3-11.6.1 snmp-mibs=5.7.3-11.6.1 |
CVE-2022-44793 | |
| vim-data-common=9.0.1234-17.12.1 vim-data=9.0.1234-17.12.1 vim=9.0.1234-17.12.1 |
CVE-2021-3928 CVE-2022-3234 CVE-2022-3235 CVE-2022-3324 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4141 CVE-2022-4292 CVE-2022-4293 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 |
|
| rpm=4.11.2-16.26.1 | CVE-2021-20271 CVE-2021-3421 |
|
| java-11-openjdk-headless=11.0.18.0-3.52.1 | CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 CVE-2022-39399 CVE-2023-21835 CVE-2023-21843 |
|
| libfreebl3-hmac=3.79.4-58.94.1 libfreebl3=3.79.4-58.94.1 libsoftokn3-hmac=3.79.4-58.94.1 libsoftokn3=3.79.4-58.94.1 mozilla-nss-certs=3.79.4-58.94.1 mozilla-nss=3.79.4-58.94.1 |
CVE-2022-23491 CVE-2022-3479 CVE-2023-0767 |
|
| krb5=1.12.5-40.46.1 | CVE-2022-42898 | |
| sudo=1.8.27-4.33.1 | CVE-2023-22809 | |
| libpython2_7-1_0=2.7.18-33.17.1 python-base=2.7.18-33.17.1 python-xml=2.7.18-33.17.1 python3=3.4.10-25.105.1 |
CVE-2022-45061 | |
| libksba8=1.3.0-24.6.1 | CVE-2022-47629 | |
| curl=7.60.0-11.55.1 libcurl4=7.60.0-11.55.1 |
CVE-2023-23916 | |
| libsystemd0=228-157.49.1 libudev1=228-157.49.1 systemd-bash-completion=228-157.49.1 systemd-sysvinit=228-157.49.1 systemd=228-157.49.1 udev=228-157.49.1 |
CVE-2022-4415 | |
| ucode-intel=20230214-3.49.1 | CVE-2022-21216 CVE-2022-33196 CVE-2022-38090 |
|
| libtasn1-6=4.9-3.13.1 libtasn1=4.9-3.13.1 |
CVE-2021-46848 | |
| python3-py=1.8.1-11.15.2 | CVE-2020-29651 CVE-2022-42969 |
|
| kernel-default=4.12.14-122.147.1 | CVE-2023-23454 | |
| libdb-4_8=4.8.30-33.1 | CVE-2019-2708 | |
| dhcp-client=4.3.3-10.28.1 dhcp=4.3.3-10.28.1 |
CVE-2022-2928 CVE-2022-2929 |
|
| kpartx=0.7.9+232+suse.cbc3754-3.14.1 | CVE-2022-41973 | |
| libpq5=15.2-3.6.1 postgresql14-server=14.7-3.20.1 postgresql14=14.7-3.20.1 |
CVE-2022-41862 |
PPDM Core
| Third Party Component | CVEs | More Information |
| jettison-1.1/jettison-1.4 Jettison - Json Stax implementation1.1 |
CVE-2022-40149 CVE-2022-40150 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| XStream1.4.19 | CVE-2022-40151 CVE-2022-40152 CVE-2022-41966 |
|
| snakeyaml-1.30 | CVE-2022-25857 | |
| jackson-databind2.13.4 | CVE-2022-42003 | |
| Apache Commons JXPath1.3 | CVE-2022-41852 CVE-2022-40159 CVE-2022-40157 CVE-2022-40160 CVE-2022-40161 CVE-2022-40158 |
|
| Apache Commons Text1.9 | CVE-2022-42889 | |
| Spring Security5.7.4 | CVE-2022-31692 CVE-2022-31690 |
|
| PostgreSQL JDBC Driver (pgjdbc)42.4.2 | CVE-2022-41946 | |
| zip4j 2.10.0/zip4j 2.11.2 | CVE-2023-22899 |
PPDM-UI
| Third-Party Component | CVEs | More Information |
| engine io 6.2.0 | CVE-2022-41940 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| glob-parent 5.1.2 | CVE-2020-28469 | |
| jszip 3.7.1 | CVE-2022-48285 | |
| minimatch 3.0.4 | CVE-2022-3517 | |
| qs 6.5.2 | CVE-2022-24999 | |
| sindresorhus/got 9.6.0 | CVE-2021-33502 | |
| socket io-parser 4.0.4 | CVE-2022-2421 | |
| terser 5.11.0 | CVE-2022-25858 |
PPDM Cloud Disaster Recovery
| Third Party Component | CVEs | More Information |
| Spring Security 5.5.7 | CVE-2022-31690 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| jackson-databind 2.13.4 | CVE-2022-42003 | |
| spring_framework_version 5.3.23 | CVE-2016-1000027 | |
| snake_yaml_version 1.31 | CVE-2022-41854 CVE-2022-38752 |
|
| jettison_version 1.5.1 | CVE-2022-45693 CVE-2022-45685 |
|
| hsql 2.6.1 | CVE-2022-41853 |
PPDM Kubernetes cProxy
| Third Party Component | CVEs | More Information |
| curl <v7.88.0 | CVE-2023-23916 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| GNU Tar 1.27.1-15.15.1 | CVE-2022-48303 |
PPDM Native Reporting
| Third Party Component | CVEs | More Information |
| Apache POI 2.5.1/Apache POI 3.10-beta2 | CVE-2017-12626 CVE-2019-12415 CVE-2016-5000 CVE-2022-26336 CVE-2017-5644 CVE-2012-0213 CVE-2014-9527 CVE-2014-3574 CVE-2014-3529 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| BeanShell 2.0b4 | CVE-2016-2510 | |
| Jsoup 1.7.3 | CVE-2021-37714 CVE-2022-36033 CVE-2015-6748 |
|
| libplexus-utils 2.0.5/ libplexus-utils 1.5.15 | CVE-2017-1000487 | |
| Maven Shared Utils 0.1 Maven Shared Utils 0.4 Maven Shared Utils 0.7 |
CVE-2022-29599 | |
| XMLBeans 2.3.0 | CVE-2021-23926 |
Cloud Snapshot Manager
| Third Party Component | CVEs | More Information |
| cryptiles 3.1.2 | CVE-2018-1000620 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| deep-extend 0.4.2 | CVE-2018-3750 | |
| extend 3.0.1 | CVE-2018-16492 CVE-2018-16492 |
|
| Handlebars.js 4.0.11 | CVE-2021-23369 CVE-2021-23383 CVE-2019-19919 |
|
| json-schema 0.2.3 | CVE-2021-3918 | |
| knex 0.14.6 | CVE-2019-10757 CVE-2019-10757 |
|
| Lodash 4.17.10 | CVE-2019-10744 CVE-2021-23337 |
|
| minimist 1.2.0 | CVE-2021-44906 | |
| mixin-deep 1.3.1 | CVE-2019-10746 | |
| set-value 0.4.3 | CVE-2021-23440 CVE-2019-10747 |
|
| y18n 4.0.0 | CVE-2020-7774 | |
| yeikos/js.merge 1.2.0 | CVE-2020-28499 | |
| ansi-regex 4.1.0 | CVE-2021-3807 | |
| Async 2.6.0 | CVE-2021-43138 | |
| axios 0.18.1 | CVE-2021-3749 | |
| dicer 0.2.5 | CVE-2022-24434 | |
| dot-prop 4.2.0 | CVE-2020-8116 | |
| doTJS v1.1.2 | CVE-2020-8141 | |
| glob-parent 2.0.0 | CVE-2020-28469 | |
| hueniverse/hawk 6.0.2 | CVE-2022-29167 | |
| ini 1.3.5 | CVE-2020-7788 | |
| kind-of 6.0.2 | CVE-2019-20149 | |
| knowledgecode/date-and-time 0.11.1 | CVE-2020-26289 | |
| moment/moment 2.24.0 | CVE-2022-24785 CVE-2022-31129 |
|
| node-forge 0.8.4 | CVE-2022-24771 CVE-2022-24772 CVE-2020-7720 |
|
| Nodemailerv 6.4.18 | CVE-2021-23400 | |
| path-parse 1.0.5 | CVE-2021-23343 | |
| pathval 1.1.0 | CVE-2020-7751 | |
| redis 2.8.0 | CVE-2021-29469 | |
| simple-getv 3.1.0 | CVE-2022-0355 | |
| tar v4.4.10 | CVE-2021-32803 CVE-2021-32804 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 |
|
| tmpl 1.0.4 | CVE-2021-3777 | |
| Underscore.js 1.9.1 | CVE-2021-23358 | |
| validator.js 9.4.1 | CVE-2021-3765 | |
| ajv 5.5.2 | CVE-2020-15366 | |
| bl 4.0.2 | CVE-2020-8244 | |
| debug-js/debug 2.2.0 | CVE-2017-16137 | |
| follow-redirects 1.7.0 | CVE-2022-0155 CVE-2022-0536 |
|
| hosted-git-info 2.7.1 | CVE-2021-23362 | |
| jszip 3.2.2 | CVE-2021-21366 CVE-2021-32796 |
|
| micromatch/braces 1.8.5 | CVE-2018-1109 | |
| mikaelbr/node-notifier 5.2.1 | CVE-2020-7789 | |
| node-fetch 2.6.0 | CVE-2020-15168 CVE-2022-0235 |
|
| Passport.js 0.3.2 | CVE-2022-25896 | |
| randomatic 1.1.7 | CVE-2017-16028 | |
| stringstream 0.0.5 | CVE-2018-21270 | |
| undefsafe 2.0.2 | CVE-2019-10795 | |
| xmldom 0.1.27 | CVE-2021-21366 CVE-2021-32796 |
|
| yargs-parser 2.4.1 | CVE-2020-7608 | |
| Chownr 1.0.1 | CVE-2017-18869 |
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| SQLite 3.38.1 SQLite 3.39.4 |
CVE-2022-35737 CVE-2022-46908 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| Zlib 1.2.11 | CVE-2022-37434 CVE-2018-25032 |
|
| Libxml 2.9.14 | CVE-2022-40304 CVE-2022-40303 |
|
| Libcurl 7.86 | CVE-2022-43551 CVE-2022-43552 |
受影響的產品與補救措施
| Product | Affected Versions | Updated Version | Link to Update |
| Dell PowerProtect Data Manager | 19.12 and earlier | 19.13 and later | PPDM 19.13 drivers and downloads |
| Dell PowerProtect Data Manager Appliance (DM5500) | 5.12 | 5.13 | DM5500 5.13 Downloads |
| Product | Affected Versions | Updated Version | Link to Update |
| Dell PowerProtect Data Manager | 19.12 and earlier | 19.13 and later | PPDM 19.13 drivers and downloads |
| Dell PowerProtect Data Manager Appliance (DM5500) | 5.12 | 5.13 | DM5500 5.13 Downloads |
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2023-04-03 | Initial Release |
| 2.0 | 2023-05-05 | Added New Product Under "Affected Products and Remediation" Section |
相關資訊
法律免責聲明
受影響的產品
PowerProtect Data Manager Appliance, PowerProtect Data Manager, Product Security Information文章屬性
文章編號: 000211965
文章類型: Dell Security Advisory
上次修改時間: 19 9月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。