@ -1,159 +0,0 @@
---
hide:
- toc
---
# Security Overview
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
## Helm-Chart
##### Scan Results
#### Chart Object: projectsend/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-projectsend' of Deployment ' RELEASE-NAME-projectsend' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-projectsend' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-projectsend' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-projectsend' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-projectsend' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-projectsend' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-projectsend' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-projectsend' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/projectsend:v2021.12.10
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
#### Container: Node.js
**node-pkg**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3807.html" > https://linux.oracle.com/cve/CVE-2021-3807.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < / details > |
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-896r-f27r-55mw" > https://github.com/advisories/GHSA-896r-f27r-55mw< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741" > https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a" > https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa" > https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa< / a > < br > < a href = "https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9" > https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3918.html" > https://linux.oracle.com/cve/CVE-2021-3918.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3918" > https://nvd.nist.gov/vuln/detail/CVE-2021-3918< / a > < br > < / details > |
| lodash | CVE-2019-10744 | CRITICAL | 1.0.2 | 4.17.12 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3024" > https://access.redhat.com/errata/RHSA-2019:3024< / a > < br > < a href = "https://github.com/advisories/GHSA-jf85-cpcp-j695" > https://github.com/advisories/GHSA-jf85-cpcp-j695< / a > < br > < a href = "https://github.com/lodash/lodash/pull/4336" > https://github.com/lodash/lodash/pull/4336< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10744" > https://nvd.nist.gov/vuln/detail/CVE-2019-10744< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20191004-0005/" > https://security.netapp.com/advisory/ntap-20191004-0005/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-450202" > https://snyk.io/vuln/SNYK-JS-LODASH-450202< / a > < br > < a href = "https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp;utm_medium=RSS" > https://support.f5.com/csp/article/K47105354?utm_source=f5support& amp;utm_medium=RSS< / a > < br > < a href = "https://www.npmjs.com/advisories/1065" > https://www.npmjs.com/advisories/1065< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| lodash | CVE-2020-8203 | HIGH | 1.0.2 | 4.17.19 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-p6mc-m468-83gw" > https://github.com/advisories/GHSA-p6mc-m468-83gw< / a > < br > < a href = "https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12" > https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12< / a > < br > < a href = "https://github.com/lodash/lodash/issues/4744" > https://github.com/lodash/lodash/issues/4744< / a > < br > < a href = "https://github.com/lodash/lodash/issues/4874" > https://github.com/lodash/lodash/issues/4874< / a > < br > < a href = "https://hackerone.com/reports/712065" > https://hackerone.com/reports/712065< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-8203" > https://nvd.nist.gov/vuln/detail/CVE-2020-8203< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200724-0006/" > https://security.netapp.com/advisory/ntap-20200724-0006/< / a > < br > < a href = "https://www.npmjs.com/advisories/1523" > https://www.npmjs.com/advisories/1523< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash | CVE-2021-23337 | HIGH | 1.0.2 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337< / a > < br > < a href = "https://github.com/advisories/GHSA-35jh-r3h4-6jhm" > https://github.com/advisories/GHSA-35jh-r3h4-6jhm< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851< / a > < br > < a href = "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c" > https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23337" > https://nvd.nist.gov/vuln/detail/CVE-2021-23337< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1040724" > https://snyk.io/vuln/SNYK-JS-LODASH-1040724< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash | CVE-2018-16487 | MEDIUM | 1.0.2 | > =4.17.11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487< / a > < br > < a href = "https://github.com/advisories/GHSA-4xc9-xhrj-v574" > https://github.com/advisories/GHSA-4xc9-xhrj-v574< / a > < br > < a href = "https://hackerone.com/reports/380873" > https://hackerone.com/reports/380873< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-16487" > https://nvd.nist.gov/vuln/detail/CVE-2018-16487< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20190919-0004/" > https://security.netapp.com/advisory/ntap-20190919-0004/< / a > < br > < a href = "https://www.npmjs.com/advisories/782" > https://www.npmjs.com/advisories/782< / a > < br > < / details > |
| lodash | CVE-2018-3721 | MEDIUM | 1.0.2 | > =4.17.5 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721< / a > < br > < a href = "https://github.com/advisories/GHSA-fvqr-27wr-82fm" > https://github.com/advisories/GHSA-fvqr-27wr-82fm< / a > < br > < a href = "https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a" > https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a< / a > < br > < a href = "https://hackerone.com/reports/310443" > https://hackerone.com/reports/310443< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-3721" > https://nvd.nist.gov/vuln/detail/CVE-2018-3721< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20190919-0004/" > https://security.netapp.com/advisory/ntap-20190919-0004/< / a > < br > < a href = "https://snyk.io/vuln/npm:lodash:20180130" > https://snyk.io/vuln/npm:lodash:20180130< / a > < br > < a href = "https://www.npmjs.com/advisories/577" > https://www.npmjs.com/advisories/577< / a > < br > < / details > |
| lodash | CVE-2019-1010266 | MEDIUM | 1.0.2 | 4.17.11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266< / a > < br > < a href = "https://github.com/advisories/GHSA-x5rq-j2xg-h7qm" > https://github.com/advisories/GHSA-x5rq-j2xg-h7qm< / a > < br > < a href = "https://github.com/lodash/lodash/commit/5c08f18d365b64063bfbfa686cbb97cdd6267347" > https://github.com/lodash/lodash/commit/5c08f18d365b64063bfbfa686cbb97cdd6267347< / a > < br > < a href = "https://github.com/lodash/lodash/issues/3359" > https://github.com/lodash/lodash/issues/3359< / a > < br > < a href = "https://github.com/lodash/lodash/wiki/Changelog" > https://github.com/lodash/lodash/wiki/Changelog< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-1010266" > https://nvd.nist.gov/vuln/detail/CVE-2019-1010266< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20190919-0004/" > https://security.netapp.com/advisory/ntap-20190919-0004/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-73639" > https://snyk.io/vuln/SNYK-JS-LODASH-73639< / a > < br > < / details > |
| lodash | CVE-2020-28500 | MEDIUM | 1.0.2 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500< / a > < br > < a href = "https://github.com/advisories/GHSA-29mw-wpgm-hmr9" > https://github.com/advisories/GHSA-29mw-wpgm-hmr9< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065" > https://github.com/lodash/lodash/pull/5065< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7" > https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28500" > https://nvd.nist.gov/vuln/detail/CVE-2020-28500< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1018905" > https://snyk.io/vuln/SNYK-JS-LODASH-1018905< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash | CVE-2021-23337 | HIGH | 4.17.20 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337< / a > < br > < a href = "https://github.com/advisories/GHSA-35jh-r3h4-6jhm" > https://github.com/advisories/GHSA-35jh-r3h4-6jhm< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851< / a > < br > < a href = "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c" > https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23337" > https://nvd.nist.gov/vuln/detail/CVE-2021-23337< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1040724" > https://snyk.io/vuln/SNYK-JS-LODASH-1040724< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash | CVE-2020-28500 | MEDIUM | 4.17.20 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500< / a > < br > < a href = "https://github.com/advisories/GHSA-29mw-wpgm-hmr9" > https://github.com/advisories/GHSA-29mw-wpgm-hmr9< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065" > https://github.com/lodash/lodash/pull/5065< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7" > https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28500" > https://nvd.nist.gov/vuln/detail/CVE-2020-28500< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1018905" > https://snyk.io/vuln/SNYK-JS-LODASH-1018905< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash.template | CVE-2019-10744 | CRITICAL | 3.6.2 | 4.5.0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3024" > https://access.redhat.com/errata/RHSA-2019:3024< / a > < br > < a href = "https://github.com/advisories/GHSA-jf85-cpcp-j695" > https://github.com/advisories/GHSA-jf85-cpcp-j695< / a > < br > < a href = "https://github.com/lodash/lodash/pull/4336" > https://github.com/lodash/lodash/pull/4336< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10744" > https://nvd.nist.gov/vuln/detail/CVE-2019-10744< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20191004-0005/" > https://security.netapp.com/advisory/ntap-20191004-0005/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-450202" > https://snyk.io/vuln/SNYK-JS-LODASH-450202< / a > < br > < a href = "https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp;utm_medium=RSS" > https://support.f5.com/csp/article/K47105354?utm_source=f5support& amp;utm_medium=RSS< / a > < br > < a href = "https://www.npmjs.com/advisories/1065" > https://www.npmjs.com/advisories/1065< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| minimatch | CVE-2016-10540 | HIGH | 0.2.14 | 3.0.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-hxm2-r34f-qmc5" > https://github.com/advisories/GHSA-hxm2-r34f-qmc5< / a > < br > < a href = "https://nodesecurity.io/advisories/118" > https://nodesecurity.io/advisories/118< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2016-10540" > https://nvd.nist.gov/vuln/detail/CVE-2016-10540< / a > < br > < a href = "https://www.npmjs.com/advisories/118" > https://www.npmjs.com/advisories/118< / a > < br > < / details > |
| minimatch | NSWG-ECO-118 | HIGH | 0.2.14 | > =3.0.2 | < details > < summary > Expand...< / summary > < a href = "https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS" > https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS< / a > < br > < / details > |
| minimatch | CVE-2016-10540 | HIGH | 2.0.10 | 3.0.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-hxm2-r34f-qmc5" > https://github.com/advisories/GHSA-hxm2-r34f-qmc5< / a > < br > < a href = "https://nodesecurity.io/advisories/118" > https://nodesecurity.io/advisories/118< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2016-10540" > https://nvd.nist.gov/vuln/detail/CVE-2016-10540< / a > < br > < a href = "https://www.npmjs.com/advisories/118" > https://www.npmjs.com/advisories/118< / a > < br > < / details > |
| minimatch | NSWG-ECO-118 | HIGH | 2.0.10 | > =3.0.2 | < details > < summary > Expand...< / summary > < a href = "https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS" > https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS< / a > < br > < / details > |
| node-sass | CVE-2020-24025 | MEDIUM | 4.14.1 | 7.0.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-r8f7-9pfq-mjmv" > https://github.com/advisories/GHSA-r8f7-9pfq-mjmv< / a > < br > < a href = "https://github.com/sass/node-sass/issues/3067" > https://github.com/sass/node-sass/issues/3067< / a > < br > < a href = "https://github.com/sass/node-sass/pull/567#issuecomment-656609236" > https://github.com/sass/node-sass/pull/567#issuecomment-656609236< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-24025" > https://nvd.nist.gov/vuln/detail/CVE-2020-24025< / a > < br > < / details > |
| postcss | CVE-2021-23382 | MEDIUM | 5.2.18 | 7.0.36, 8.2.13 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-566m-qj78-rww5" > https://github.com/advisories/GHSA-566m-qj78-rww5< / a > < br > < a href = "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956" > https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956< / a > < br > < a href = "https://github.com/postcss/postcss/releases/tag/7.0.36" > https://github.com/postcss/postcss/releases/tag/7.0.36< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23382" > https://nvd.nist.gov/vuln/detail/CVE-2021-23382< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" > https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640< / a > < br > < / details > |
| postcss | CVE-2021-23368 | MEDIUM | 7.0.26 | 8.2.10, 7.0.36 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368< / a > < br > < a href = "https://github.com/advisories/GHSA-hwj9-h5mp-3pm3" > https://github.com/advisories/GHSA-hwj9-h5mp-3pm3< / a > < br > < a href = "https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734" > https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734< / a > < br > < a href = "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4" > https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4< / a > < br > < a href = "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5" > https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5< / a > < br > < a href = "https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013@%3Ccommits.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013@%3Ccommits.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb@%3Ccommits.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb@%3Ccommits.myfaces.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23368" > https://nvd.nist.gov/vuln/detail/CVE-2021-23368< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595" > https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595< / a > < br > < / details > |
| postcss | CVE-2021-23382 | MEDIUM | 7.0.26 | 7.0.36, 8.2.13 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-566m-qj78-rww5" > https://github.com/advisories/GHSA-566m-qj78-rww5< / a > < br > < a href = "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956" > https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956< / a > < br > < a href = "https://github.com/postcss/postcss/releases/tag/7.0.36" > https://github.com/postcss/postcss/releases/tag/7.0.36< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23382" > https://nvd.nist.gov/vuln/detail/CVE-2021-23382< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" > https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640< / a > < br > < / details > |
| tar | CVE-2021-32803 | HIGH | 2.2.2 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20" > https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32803.html" > https://linux.oracle.com/cve/CVE-2021-32803.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32803" > https://nvd.nist.gov/vuln/detail/CVE-2021-32803< / a > < br > < a href = "https://www.npmjs.com/advisories/1771" > https://www.npmjs.com/advisories/1771< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-32804 | HIGH | 2.2.2 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4" > https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32804.html" > https://linux.oracle.com/cve/CVE-2021-32804.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32804" > https://nvd.nist.gov/vuln/detail/CVE-2021-32804< / a > < br > < a href = "https://www.npmjs.com/advisories/1770" > https://www.npmjs.com/advisories/1770< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37701 | HIGH | 2.2.2 | 6.1.7, 5.0.8, 4.4.16 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-9r2w-394v-53qc" > https://github.com/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc" > https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37701.html" > https://linux.oracle.com/cve/CVE-2021-37701.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37701" > https://nvd.nist.gov/vuln/detail/CVE-2021-37701< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1779" > https://www.npmjs.com/advisories/1779< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37712 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-qq89-hq3f-393p" > https://github.com/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p" > https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37712.html" > https://linux.oracle.com/cve/CVE-2021-37712.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37712" > https://nvd.nist.gov/vuln/detail/CVE-2021-37712< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1780" > https://www.npmjs.com/advisories/1780< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37713 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5955-9wpr-37jh" > https://github.com/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh" > https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37713" > https://nvd.nist.gov/vuln/detail/CVE-2021-37713< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| trim-newlines | CVE-2021-33623 | HIGH | 1.0.0 | 4.0.1, 3.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-7p7h-4mm5-852v" > https://github.com/advisories/GHSA-7p7h-4mm5-852v< / a > < br > < a href = "https://github.com/sindresorhus/trim-newlines/commit/25246c6ce5eea1c82d448998733a6302a4350d91" > https://github.com/sindresorhus/trim-newlines/commit/25246c6ce5eea1c82d448998733a6302a4350d91< / a > < br > < a href = "https://github.com/sindresorhus/trim-newlines/releases/tag/v4.0.1" > https://github.com/sindresorhus/trim-newlines/releases/tag/v4.0.1< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-33623" > https://nvd.nist.gov/vuln/detail/CVE-2021-33623< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210702-0007/" > https://security.netapp.com/advisory/ntap-20210702-0007/< / a > < br > < a href = "https://www.npmjs.com/package/trim-newlines" > https://www.npmjs.com/package/trim-newlines< / a > < br > < / details > |
**composer**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| enshrined/svg-sanitize | CVE-2022-23638 | MEDIUM | 0.13.3 | 0.15.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-fqx8-v33p-4qcc" > https://github.com/advisories/GHSA-fqx8-v33p-4qcc< / a > < br > < a href = "https://github.com/darylldoyle/svg-sanitizer/commit/17e12ba9c2881caa6b167d0fbea555c11207fbb0" > https://github.com/darylldoyle/svg-sanitizer/commit/17e12ba9c2881caa6b167d0fbea555c11207fbb0< / a > < br > < a href = "https://github.com/darylldoyle/svg-sanitizer/issues/71" > https://github.com/darylldoyle/svg-sanitizer/issues/71< / a > < br > < a href = "https://github.com/darylldoyle/svg-sanitizer/security/advisories/GHSA-fqx8-v33p-4qcc" > https://github.com/darylldoyle/svg-sanitizer/security/advisories/GHSA-fqx8-v33p-4qcc< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23638" > https://nvd.nist.gov/vuln/detail/CVE-2022-23638< / a > < br > < / details > |