{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2023 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2022-31015","title":"Title"},{"category":"description","text":"Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select(). This will lead to the main thread raising an exception that is not handled and then causing the entire application to be killed. This issue has been fixed in Waitress 2.1.2 by no longer allowing the WSGI thread to close the socket. Instead, that is always delegated to the main thread. There is no work-around for this issue. However, users using waitress behind a reverse proxy server are less likely to have issues if the reverse proxy always reads the full response.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2022-31015","url":"https://www.suse.com/security/cve/CVE-2022-31015"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1200126 for CVE-2022-31015","url":"https://bugzilla.suse.com/1200126"}],"title":"SUSE CVE CVE-2022-31015","tracking":{"current_release_date":"2023-02-15T03:25:48Z","generator":{"date":"2023-02-15T03:25:48Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2022-31015","initial_release_date":"2023-02-15T03:25:48Z","revision_history":[{"date":"2023-02-15T03:25:48Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"HPE Helion OpenStack 8","product":{"name":"HPE Helion OpenStack 8","product_id":"HPE Helion OpenStack 8","product_identification_helper":{"cpe":"cpe:/o:suse:hpe-helion-openstack:8"}}},{"category":"product_name","name":"SUSE CaaS Platform 4.0","product":{"name":"SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:caasp:4.0"}}},{"category":"product_name","name":"SUSE Enterprise Storage 6","product":{"name":"SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6","product_identification_helper":{"cpe":"cpe:/o:suse:ses:6"}}},{"category":"product_name","name":"SUSE Enterprise Storage 7","product":{"name":"SUSE Enterprise Storage 7","product_id":"SUSE Enterprise Storage 7","product_identification_helper":{"cpe":"cpe:/o:suse:ses:7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-espos:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-espos:15:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15-ESPOS","product":{"name":"SUSE Linux Enterprise Server 15-ESPOS","product_id":"SUSE Linux Enterprise Server 15-ESPOS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-espos:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15-LTSS","product":{"name":"SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product":{"name":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product_id":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles_bcl:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Business Critical Linux 15 SP2","product":{"name":"SUSE Linux Enterprise Server Business Critical Linux 15 SP2","product_id":"SUSE Linux Enterprise Server Business Critical Linux 15 SP2","product_identification_helper":{"cpe":"cpe:/o:suse:sles_bcl:15:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP2","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP2","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP2","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp4"}}},{"category":"product_name","name":"SUSE Manager Proxy 4.1","product":{"name":"SUSE Manager Proxy 4.1","product_id":"SUSE Manager Proxy 4.1","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-proxy:4.1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp4"}}},{"category":"product_name","name":"SUSE Manager Retail Branch Server 4.1","product":{"name":"SUSE Manager Retail Branch Server 4.1","product_id":"SUSE Manager Retail Branch Server 4.1","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-retail-branch-server:4.1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp4"}}},{"category":"product_name","name":"SUSE Manager Server 4.1","product":{"name":"SUSE Manager Server 4.1","product_id":"SUSE Manager Server 4.1","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-server:4.1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp4"}}},{"category":"product_name","name":"SUSE OpenStack Cloud 8","product":{"name":"SUSE OpenStack Cloud 8","product_id":"SUSE OpenStack Cloud 8","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud:8"}}},{"category":"product_name","name":"SUSE OpenStack Cloud 9","product":{"name":"SUSE OpenStack Cloud 9","product_id":"SUSE OpenStack Cloud 9","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud:9"}}},{"category":"product_name","name":"SUSE OpenStack Cloud Crowbar 8","product":{"name":"SUSE OpenStack Cloud Crowbar 8","product_id":"SUSE OpenStack Cloud Crowbar 8","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud-crowbar:8"}}},{"category":"product_name","name":"SUSE OpenStack Cloud Crowbar 9","product":{"name":"SUSE OpenStack Cloud Crowbar 9","product_id":"SUSE OpenStack Cloud Crowbar 9","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud-crowbar:9"}}},{"category":"product_name","name":"openSUSE Tumbleweed","product":{"name":"openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed","product_identification_helper":{"cpe":"cpe:/o:opensuse:tumbleweed"}}},{"category":"product_version","name":"python-waitress","product":{"name":"python-waitress","product_id":"python-waitress","product_identification_helper":{"cpe":"cpe:2.3:a:agendaless:waitress:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"python3-waitress","product":{"name":"python3-waitress","product_id":"python3-waitress"}},{"category":"product_version","name":"python310-waitress-2.1.2-3.1","product":{"name":"python310-waitress-2.1.2-3.1","product_id":"python310-waitress-2.1.2-3.1","product_identification_helper":{"cpe":"cpe:2.3:a:agendaless:waitress:2.1.2:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"python38-waitress-2.1.2-3.1","product":{"name":"python38-waitress-2.1.2-3.1","product_id":"python38-waitress-2.1.2-3.1","product_identification_helper":{"cpe":"cpe:2.3:a:agendaless:waitress:2.1.2:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"python39-waitress-2.1.2-3.1","product":{"name":"python39-waitress-2.1.2-3.1","product_id":"python39-waitress-2.1.2-3.1","product_identification_helper":{"cpe":"cpe:2.3:a:agendaless:waitress:2.1.2:*:*:*:*:*:*:*"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"python310-waitress-2.1.2-3.1 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:python310-waitress-2.1.2-3.1"},"product_reference":"python310-waitress-2.1.2-3.1","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"python38-waitress-2.1.2-3.1 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:python38-waitress-2.1.2-3.1"},"product_reference":"python38-waitress-2.1.2-3.1","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"python39-waitress-2.1.2-3.1 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:python39-waitress-2.1.2-3.1"},"product_reference":"python39-waitress-2.1.2-3.1","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of HPE Helion OpenStack 8","product_id":"HPE Helion OpenStack 8:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"HPE Helion OpenStack 8"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Enterprise Storage 7","product_id":"SUSE Enterprise Storage 7:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Enterprise Storage 7"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP3"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Module for Basesystem 15 SP3","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP3:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP3"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Module for Basesystem 15 SP4","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP4:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server 15 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server 15 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP2-LTSS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server 15-ESPOS","product_id":"SUSE Linux Enterprise Server 15-ESPOS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product_id":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server Business Critical Linux 15 SP2","product_id":"SUSE Linux Enterprise Server Business Critical Linux 15 SP2:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server Business Critical Linux 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Manager Proxy 4.1","product_id":"SUSE Manager Proxy 4.1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Manager Proxy 4.1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Manager Retail Branch Server 4.1","product_id":"SUSE Manager Retail Branch Server 4.1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Manager Server 4.1","product_id":"SUSE Manager Server 4.1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Manager Server 4.1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud 8","product_id":"SUSE OpenStack Cloud 8:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud 8"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud 9","product_id":"SUSE OpenStack Cloud 9:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud 9"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud Crowbar 8","product_id":"SUSE OpenStack Cloud Crowbar 8:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud Crowbar 8"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud Crowbar 9","product_id":"SUSE OpenStack Cloud Crowbar 9:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud Crowbar 9"}]},"vulnerabilities":[{"cve":"CVE-2022-31015","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-31015"}],"notes":[{"category":"general","text":"Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select(). This will lead to the main thread raising an exception that is not handled and then causing the entire application to be killed. This issue has been fixed in Waitress 2.1.2 by no longer allowing the WSGI thread to close the socket. Instead, that is always delegated to the main thread. There is no work-around for this issue. However, users using waitress behind a reverse proxy server are less likely to have issues if the reverse proxy always reads the full response.","title":"Vulnerability description"}],"product_status":{"fixed":["openSUSE Tumbleweed:python310-waitress-2.1.2-3.1","openSUSE Tumbleweed:python38-waitress-2.1.2-3.1","openSUSE Tumbleweed:python39-waitress-2.1.2-3.1"],"known not affected":["HPE Helion OpenStack 8:python-waitress","SUSE CaaS Platform 4.0:python-waitress","SUSE CaaS Platform 4.0:python3-waitress","SUSE Enterprise Storage 6:python-waitress","SUSE Enterprise Storage 7:python-waitress","SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python-waitress","SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python3-waitress","SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python-waitress","SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-waitress","SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:python-waitress","SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:python3-waitress","SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python-waitress","SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-waitress","SUSE Linux Enterprise High Performance Computing 15-LTSS:python-waitress","SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-waitress","SUSE Linux Enterprise Module for Basesystem 15 SP3:python-waitress","SUSE Linux Enterprise Module for Basesystem 15 SP3:python3-waitress","SUSE Linux Enterprise Module for Basesystem 15 SP4:python-waitress","SUSE Linux Enterprise Module for Basesystem 15 SP4:python3-waitress","SUSE Linux Enterprise Server 15 SP1-LTSS:python-waitress","SUSE Linux Enterprise Server 15 SP1-LTSS:python3-waitress","SUSE Linux Enterprise Server 15 SP2-LTSS:python-waitress","SUSE Linux Enterprise Server 15 SP2-LTSS:python3-waitress","SUSE Linux Enterprise Server 15-ESPOS:python-waitress","SUSE Linux Enterprise Server 15-LTSS:python-waitress","SUSE Linux Enterprise Server 15-LTSS:python3-waitress","SUSE Linux Enterprise Server Business Critical Linux 15 SP1:python-waitress","SUSE Linux Enterprise Server Business Critical Linux 15 SP2:python-waitress","SUSE Linux Enterprise Server for SAP Applications 15 SP1:python-waitress","SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-waitress","SUSE Linux Enterprise Server for SAP Applications 15 SP2:python-waitress","SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-waitress","SUSE Linux Enterprise Server for SAP Applications 15:python-waitress","SUSE Linux Enterprise Server for SAP Applications 15:python3-waitress","SUSE Manager Proxy 4.1:python-waitress","SUSE Manager Retail Branch Server 4.1:python-waitress","SUSE Manager Server 4.1:python-waitress","SUSE OpenStack Cloud 8:python-waitress","SUSE OpenStack Cloud 9:python-waitress","SUSE OpenStack Cloud Crowbar 8:python-waitress","SUSE OpenStack Cloud Crowbar 9:python-waitress"]},"references":[{"category":"external","summary":"CVE-2022-31015","url":"https://www.suse.com/security/cve/CVE-2022-31015"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1200126 for CVE-2022-31015","url":"https://bugzilla.suse.com/1200126"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:python310-waitress-2.1.2-3.1","openSUSE Tumbleweed:python38-waitress-2.1.2-3.1","openSUSE Tumbleweed:python39-waitress-2.1.2-3.1"]}],"scores":[{"cvss_v3":{"baseScore":5.9,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:python310-waitress-2.1.2-3.1","openSUSE Tumbleweed:python38-waitress-2.1.2-3.1","openSUSE Tumbleweed:python39-waitress-2.1.2-3.1"]}],"threats":[{"category":"impact","date":"2022-06-01T06:00:03Z","details":"moderate"}],"title":"CVE-2022-31015"}]}