logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Workload: Moderate Vulnerability for Pycairo Application Incorrectly Points to CVE-2019-10086 Which is marked for Apache Commons NetBeans.

Workload: Moderate Vulnerability for Pycairo Application Incorrectly Points to CVE-2019-10086 Which is marked for Apache Commons NetBeans.

Environment

  • Carbon Black Cloud Console: All Versions
  • Workload

Symptoms

The Vulnerabilities tab in our console shows moderate vulnerability with CVE-2019-10086 for an irrelevant application called "Pycairo" while the actual  (CVE-2019-10086) is meant for Apache Commons NetBeans.
https://nvd.nist.gov/vuln/detail/CVE-2019-10086

Cause

The NVD site has not updated the vulnerability details that do exist for the Pycairo application with regards to the mentioned CVE.

Resolution

  • The Mentioned CVE does exist for Pycairo, This can be Checked on the Below RedHat Advisory. Red Hat Security Advisory 2020-1454-01 ≈ Packet Storm 
  • For fixing this moderate vulnerability(CVE-2019-10086) we should have to update the Pycairo application to the (1.20.1) latest version.

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎08-25-2021
Views:
273
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.