{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2020-5236","title":"Title"},{"category":"description","text":"Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like \"Bad-header: xxxxxxxxxxxxxxx\\x10\" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2020-5236","url":"https://www.suse.com/security/cve/CVE-2020-5236"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1162656 for CVE-2020-5236","url":"https://bugzilla.suse.com/1162656"}],"title":"SUSE CVE CVE-2020-5236","tracking":{"current_release_date":"2025-10-07T03:07:01Z","generator":{"date":"2023-02-15T04:03:22Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2020-5236","initial_release_date":"2023-02-15T04:03:22Z","revision_history":[{"date":"2023-02-15T04:03:22Z","number":"2","summary":"Current version"},{"date":"2025-01-01T05:57:49Z","number":"3","summary":"Current version"},{"date":"2025-01-10T03:24:19Z","number":"4","summary":"Current version"},{"date":"2025-02-15T06:35:02Z","number":"5","summary":"Current version"},{"date":"2025-02-17T06:57:55Z","number":"6","summary":"Current version"},{"date":"2025-03-13T17:02:51Z","number":"7","summary":"Current version"},{"date":"2025-03-15T10:16:05Z","number":"8","summary":"Current version"},{"date":"2025-04-25T05:47:19Z","number":"9","summary":"Current version"},{"date":"2025-06-26T04:44:19Z","number":"10","summary":"Current version"},{"date":"2025-07-01T01:37:32Z","number":"11","summary":"Current version"},{"date":"2025-10-07T03:07:01Z","number":"12","summary":"Current version"}],"status":"interim","version":"12"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"HPE Helion OpenStack 8","product":{"name":"HPE Helion OpenStack 8","product_id":"HPE Helion OpenStack 8","product_identification_helper":{"cpe":"cpe:/o:suse:hpe-helion-openstack:8"}}},{"category":"product_name","name":"HPE Helion OpenStack Cloud 8","product":{"name":"HPE Helion OpenStack Cloud 8","product_id":"HPE Helion OpenStack Cloud 8"}},{"category":"product_name","name":"SUSE Enterprise Storage 5","product":{"name":"SUSE Enterprise Storage 5","product_id":"SUSE Enterprise Storage 5","product_identification_helper":{"cpe":"cpe:/o:suse:ses:5"}}},{"category":"product_name","name":"SUSE Enterprise Storage 6","product":{"name":"SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6","product_identification_helper":{"cpe":"cpe:/o:suse:ses:6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15","product":{"name":"SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15 SP1","product":{"name":"SUSE Linux Enterprise Desktop 15 SP1","product_id":"SUSE Linux Enterprise Desktop 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15","product":{"name":"SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP1","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP1","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP1","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15","product":{"name":"SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP1","product":{"name":"SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp1"}}},{"category":"product_name","name":"SUSE Manager Proxy 4.0","product":{"name":"SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-proxy:4.0"}}},{"category":"product_name","name":"SUSE Manager Retail Branch Server 4.0","product":{"name":"SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-retail-branch-server:4.0"}}},{"category":"product_name","name":"SUSE Manager Server 4.0","product":{"name":"SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-server:4.0"}}},{"category":"product_name","name":"SUSE OpenStack Cloud 6-LTSS","product":{"name":"SUSE OpenStack Cloud 6-LTSS","product_id":"SUSE OpenStack Cloud 6-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud-ltss:6"}}},{"category":"product_name","name":"SUSE OpenStack Cloud 7","product":{"name":"SUSE OpenStack Cloud 7","product_id":"SUSE OpenStack Cloud 7","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud:7"}}},{"category":"product_name","name":"SUSE OpenStack Cloud 8","product":{"name":"SUSE OpenStack Cloud 8","product_id":"SUSE OpenStack Cloud 8","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud:8"}}},{"category":"product_name","name":"SUSE OpenStack Cloud 9","product":{"name":"SUSE OpenStack Cloud 9","product_id":"SUSE OpenStack Cloud 9","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud:9"}}},{"category":"product_name","name":"SUSE OpenStack Cloud Crowbar 8","product":{"name":"SUSE OpenStack Cloud Crowbar 8","product_id":"SUSE OpenStack Cloud Crowbar 8","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud-crowbar:8"}}},{"category":"product_name","name":"SUSE OpenStack Cloud Crowbar 9","product":{"name":"SUSE OpenStack Cloud Crowbar 9","product_id":"SUSE OpenStack Cloud Crowbar 9","product_identification_helper":{"cpe":"cpe:/o:suse:suse-openstack-cloud-crowbar:9"}}},{"category":"product_version","name":"python-waitress","product":{"name":"python-waitress","product_id":"python-waitress","product_identification_helper":{"cpe":"cpe:2.3:a:agendaless:waitress:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/python-waitress@?upstream=python-waitress.src.rpm"}}},{"category":"product_version","name":"python3-waitress","product":{"name":"python3-waitress","product_id":"python3-waitress","product_identification_helper":{"cpe":"cpe:2.3:a:agendaless:waitress:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/python3-waitress@?upstream=python-waitress.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of HPE Helion OpenStack 8","product_id":"HPE Helion OpenStack 8:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"HPE Helion OpenStack 8"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of HPE Helion OpenStack Cloud 8","product_id":"HPE Helion OpenStack Cloud 8:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"HPE Helion OpenStack Cloud 8"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Enterprise Storage 5","product_id":"SUSE Enterprise Storage 5:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Enterprise Storage 5"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Desktop 15 SP1","product_id":"SUSE Linux Enterprise Desktop 15 SP1:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Desktop 15 SP1","product_id":"SUSE Linux Enterprise Desktop 15 SP1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"python3-waitress as component of SUSE Linux Enterprise Module for Basesystem 15 SP1","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-waitress"},"product_reference":"python3-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE Linux Enterprise Module for Basesystem 15 SP1","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP1:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud 6-LTSS","product_id":"SUSE OpenStack Cloud 6-LTSS:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud 6-LTSS"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud 7","product_id":"SUSE OpenStack Cloud 7:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud 7"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud 8","product_id":"SUSE OpenStack Cloud 8:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud 8"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud 9","product_id":"SUSE OpenStack Cloud 9:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud 9"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud Crowbar 8","product_id":"SUSE OpenStack Cloud Crowbar 8:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud Crowbar 8"},{"category":"default_component_of","full_product_name":{"name":"python-waitress as component of SUSE OpenStack Cloud Crowbar 9","product_id":"SUSE OpenStack Cloud Crowbar 9:python-waitress"},"product_reference":"python-waitress","relates_to_product_reference":"SUSE OpenStack Cloud Crowbar 9"}]},"vulnerabilities":[{"cve":"CVE-2020-5236","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-5236"}],"notes":[{"category":"general","text":"Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like \"Bad-header: xxxxxxxxxxxxxxx\\x10\" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible.","title":"CVE description"}],"product_status":{"known_not_affected":["HPE Helion OpenStack 8:python-waitress","HPE Helion OpenStack Cloud 8:python-waitress","SUSE Enterprise Storage 5:python-waitress","SUSE Enterprise Storage 6:python-waitress","SUSE Enterprise Storage 6:python3-waitress","SUSE Linux Enterprise Desktop 15 SP1:python-waitress","SUSE Linux Enterprise Desktop 15 SP1:python3-waitress","SUSE Linux Enterprise Desktop 15:python-waitress","SUSE Linux Enterprise Desktop 15:python3-waitress","SUSE Linux Enterprise High Performance Computing 15 SP1:python-waitress","SUSE Linux Enterprise High Performance Computing 15 SP1:python3-waitress","SUSE Linux Enterprise High Performance Computing 15:python-waitress","SUSE Linux Enterprise High Performance Computing 15:python3-waitress","SUSE Linux Enterprise Module for Basesystem 15 SP1:python-waitress","SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-waitress","SUSE Linux Enterprise Module for Basesystem 15:python-waitress","SUSE Linux Enterprise Module for Basesystem 15:python3-waitress","SUSE Linux Enterprise Server 15 SP1:python-waitress","SUSE Linux Enterprise Server 15 SP1:python3-waitress","SUSE Linux Enterprise Server 15:python-waitress","SUSE Linux Enterprise Server 15:python3-waitress","SUSE Linux Enterprise Server for SAP Applications 15 SP1:python-waitress","SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-waitress","SUSE Linux Enterprise Server for SAP Applications 15:python-waitress","SUSE Linux Enterprise Server for SAP Applications 15:python3-waitress","SUSE Manager Proxy 4.0:python-waitress","SUSE Manager Proxy 4.0:python3-waitress","SUSE Manager Retail Branch Server 4.0:python-waitress","SUSE Manager Retail Branch Server 4.0:python3-waitress","SUSE Manager Server 4.0:python-waitress","SUSE Manager Server 4.0:python3-waitress","SUSE OpenStack Cloud 6-LTSS:python-waitress","SUSE OpenStack Cloud 7:python-waitress","SUSE OpenStack Cloud 8:python-waitress","SUSE OpenStack Cloud 9:python-waitress","SUSE OpenStack Cloud Crowbar 8:python-waitress","SUSE OpenStack Cloud Crowbar 9:python-waitress"]},"references":[{"category":"external","summary":"CVE-2020-5236","url":"https://www.suse.com/security/cve/CVE-2020-5236"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1162656 for CVE-2020-5236","url":"https://bugzilla.suse.com/1162656"}],"threats":[{"category":"impact","date":"2020-02-04T12:24:37Z","details":"moderate"}],"title":"CVE-2020-5236"}]}