From 473ed0f6610cbf475a3c271c19d1d37ca14362a8 Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Fri, 3 Dec 2021 20:45:57 +0000 Subject: [PATCH] Commit new App releases for TrueCharts Signed-off-by: TrueCharts-Bot --- stable/nextcloud/10.0.10/CHANGELOG.md | 99 + stable/nextcloud/10.0.10/CONFIG.md | 8 + stable/nextcloud/10.0.10/Chart.lock | 12 + stable/nextcloud/10.0.10/Chart.yaml | 41 + stable/nextcloud/10.0.10/README.md | 40 + stable/nextcloud/10.0.10/app-readme.md | 3 + .../nextcloud/10.0.10/charts/common-8.9.7.tgz | Bin 0 -> 37337 bytes .../10.0.10/charts/postgresql-6.0.15.tgz | Bin 0 -> 45826 bytes .../nextcloud/10.0.10/charts/redis-1.0.19.tgz | Bin 0 -> 43582 bytes stable/nextcloud/10.0.10/helm-values.md | 62 + stable/nextcloud/10.0.10/ix_values.yaml | 133 + stable/nextcloud/10.0.10/questions.yaml | 1871 +++++ stable/nextcloud/10.0.10/sec-scan.md | 7406 +++++++++++++++++ .../10.0.10/templates/_configmap.tpl | 35 + .../nextcloud/10.0.10/templates/_cronjob.tpl | 51 + .../nextcloud/10.0.10/templates/common.yaml | 14 + stable/nextcloud/10.0.10/values.yaml | 0 17 files changed, 9775 insertions(+) create mode 100644 stable/nextcloud/10.0.10/CHANGELOG.md create mode 100644 stable/nextcloud/10.0.10/CONFIG.md create mode 100644 stable/nextcloud/10.0.10/Chart.lock create mode 100644 stable/nextcloud/10.0.10/Chart.yaml create mode 100644 stable/nextcloud/10.0.10/README.md create mode 100644 stable/nextcloud/10.0.10/app-readme.md create mode 100644 stable/nextcloud/10.0.10/charts/common-8.9.7.tgz create mode 100644 stable/nextcloud/10.0.10/charts/postgresql-6.0.15.tgz create mode 100644 stable/nextcloud/10.0.10/charts/redis-1.0.19.tgz create mode 100644 stable/nextcloud/10.0.10/helm-values.md create mode 100644 stable/nextcloud/10.0.10/ix_values.yaml create mode 100644 stable/nextcloud/10.0.10/questions.yaml create mode 100644 stable/nextcloud/10.0.10/sec-scan.md create mode 100644 stable/nextcloud/10.0.10/templates/_configmap.tpl create mode 100644 stable/nextcloud/10.0.10/templates/_cronjob.tpl create mode 100644 stable/nextcloud/10.0.10/templates/common.yaml create mode 100644 stable/nextcloud/10.0.10/values.yaml diff --git a/stable/nextcloud/10.0.10/CHANGELOG.md b/stable/nextcloud/10.0.10/CHANGELOG.md new file mode 100644 index 00000000000..65662316bec --- /dev/null +++ b/stable/nextcloud/10.0.10/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog
+ + + +### [nextcloud-10.0.10](https://github.com/truecharts/apps/compare/nextcloud-10.0.9...nextcloud-10.0.10) (2021-12-03) + +#### Chore + +* ensure container references are prefixed with v +* move all container references to TCCR ([#1448](https://github.com/truecharts/apps/issues/1448)) +* update container image tccr.io/truecharts/nextcloud to v23.0.0 ([#1447](https://github.com/truecharts/apps/issues/1447)) + + + + +### [nextcloud-10.0.9](https://github.com/truecharts/apps/compare/nextcloud-10.0.8...nextcloud-10.0.9) (2021-11-30) + +#### Chore + +* update non-major ([#1431](https://github.com/truecharts/apps/issues/1431)) + + + + +### [nextcloud-10.0.8](https://github.com/truecharts/apps/compare/nextcloud-10.0.7...nextcloud-10.0.8) (2021-11-30) + +#### Chore + +* update non-major deps helm releases ([#1432](https://github.com/truecharts/apps/issues/1432)) + +#### Fix + +* move conflicting ports to 10xxx range ([#1415](https://github.com/truecharts/apps/issues/1415)) + + + + +### [nextcloud-10.0.7](https://github.com/truecharts/apps/compare/nextcloud-10.0.6...nextcloud-10.0.7) (2021-11-23) + +#### Chore + +* update non-major deps helm releases ([#1386](https://github.com/truecharts/apps/issues/1386)) + + + + +### [nextcloud-10.0.6](https://github.com/truecharts/apps/compare/nextcloud-10.0.5...nextcloud-10.0.6) (2021-11-22) + +#### Chore + +* update non-major deps helm releases ([#1383](https://github.com/truecharts/apps/issues/1383)) + + + + +### [nextcloud-10.0.5](https://github.com/truecharts/apps/compare/nextcloud-10.0.4...nextcloud-10.0.5) (2021-11-22) + +#### Chore + +* update non-major ([#1380](https://github.com/truecharts/apps/issues/1380)) + + + + +### [nextcloud-10.0.4](https://github.com/truecharts/apps/compare/nextcloud-10.0.3...nextcloud-10.0.4) (2021-11-21) + +#### Fix + +* Default enable all services ([#1361](https://github.com/truecharts/apps/issues/1361)) +* remove specific times for nextcloud startup probes + + + + +### [nextcloud-10.0.3](https://github.com/truecharts/apps/compare/nextcloud-10.0.2...nextcloud-10.0.3) (2021-11-18) + +#### Chore + +* update non-major ([#1350](https://github.com/truecharts/apps/issues/1350)) + + + + +### [nextcloud-10.0.2](https://github.com/truecharts/apps/compare/nextcloud-10.0.1...nextcloud-10.0.2) (2021-11-16) + +#### Chore + +* update non-major deps helm releases ([#1345](https://github.com/truecharts/apps/issues/1345)) + + + + +### [nextcloud-10.0.1](https://github.com/truecharts/apps/compare/nextcloud-10.0.0...nextcloud-10.0.1) (2021-11-16) + +#### Chore + +* bump postgresql again + + diff --git a/stable/nextcloud/10.0.10/CONFIG.md b/stable/nextcloud/10.0.10/CONFIG.md new file mode 100644 index 00000000000..fc9b2fa2d5f --- /dev/null +++ b/stable/nextcloud/10.0.10/CONFIG.md @@ -0,0 +1,8 @@ +# Configuration Options + +##### Connecting to other apps +If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Internally" quick-start guide: +https://truecharts.org/manual/Quick-Start%20Guides/14-linking-apps/ + +##### Available config options +In the future this page is going to contain an automated list of options available in the installation/edit UI. diff --git a/stable/nextcloud/10.0.10/Chart.lock b/stable/nextcloud/10.0.10/Chart.lock new file mode 100644 index 00000000000..5602056b280 --- /dev/null +++ b/stable/nextcloud/10.0.10/Chart.lock @@ -0,0 +1,12 @@ +dependencies: +- name: common + repository: https://truecharts.org + version: 8.9.7 +- name: postgresql + repository: https://truecharts.org/ + version: 6.0.15 +- name: redis + repository: https://truecharts.org + version: 1.0.19 +digest: sha256:605745a6aafb290cc1d20aca5741911e642b27c842840d1b1baf02024040e74b +generated: "2021-12-03T20:41:49.361030929Z" diff --git a/stable/nextcloud/10.0.10/Chart.yaml b/stable/nextcloud/10.0.10/Chart.yaml new file mode 100644 index 00000000000..de90261a179 --- /dev/null +++ b/stable/nextcloud/10.0.10/Chart.yaml @@ -0,0 +1,41 @@ +apiVersion: v2 +appVersion: "23.0.0" +dependencies: +- name: common + repository: https://truecharts.org + version: 8.9.7 +- condition: postgresql.enabled + name: postgresql + repository: https://truecharts.org/ + version: 6.0.15 +- condition: redis.enabled + name: redis + repository: https://truecharts.org + version: 1.0.19 +deprecated: false +description: A private cloud server that puts the control and security of your own + data back into your hands. +home: https://nextcloud.com/ +icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Nextcloud_Logo.svg/1280px-Nextcloud_Logo.svg.png +keywords: +- nextcloud +- storage +- http +- web +- php +kubeVersion: '>=1.16.0-0' +maintainers: +- email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: nextcloud +sources: +- https://github.com/nextcloud/docker +- https://github.com/nextcloud/helm +type: application +version: 10.0.10 +annotations: + truecharts.org/catagories: | + - cloud + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/stable/nextcloud/10.0.10/README.md b/stable/nextcloud/10.0.10/README.md new file mode 100644 index 00000000000..a7bf3dc141d --- /dev/null +++ b/stable/nextcloud/10.0.10/README.md @@ -0,0 +1,40 @@ +# Introduction + +A private cloud server that puts the control and security of your own data back into your hands. + +TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation. +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)** + +## Source Code + +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://truecharts.org/ | postgresql | 6.0.15 | +| https://truecharts.org | common | 8.9.7 | +| https://truecharts.org | redis | 1.0.19 | + +## Installing the Chart + +To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/03-Installing-an-App/). + +## Uninstalling the Chart + +To remove this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/07-Deleting-an-App/). + +## Support + +- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Open-Apps/) first. +- See the [Wiki](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) +--- +All Rights Reserved - The TrueCharts Project diff --git a/stable/nextcloud/10.0.10/app-readme.md b/stable/nextcloud/10.0.10/app-readme.md new file mode 100644 index 00000000000..28094fc642d --- /dev/null +++ b/stable/nextcloud/10.0.10/app-readme.md @@ -0,0 +1,3 @@ +A private cloud server that puts the control and security of your own data back into your hands. + +This App is supplied by TrueCharts, for more information please visit https://truecharts.org diff --git a/stable/nextcloud/10.0.10/charts/common-8.9.7.tgz b/stable/nextcloud/10.0.10/charts/common-8.9.7.tgz new file mode 100644 index 0000000000000000000000000000000000000000..d624e7df28b2e6a9f2fbdbe515f1463795197ed7 GIT binary patch literal 37337 zcmV)kK%l=LiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POw!ciT3yFplrf`YZ4->9=;D=+&|v>u&bBu9LPon>aqP(|+&W zdrtz9kc2fwvH&SZ>*jy|9J~?$L5lKQ)2(@S8;b-617I+i84PB^bh%8E{>cK8ytjtS z_%C<=3dAz#`8xI_dZ4IA0XgUYIWXIVn)c%k*KE(SA-4>MtS95$VhKf)qPAWDO}0 za0PQnXitDDC?a8+8^hJw->|S@Sr#74!-RyAx?6L6GS*Lw1haG0G!Oy|11IbQZnxVkU-X7V*mgsNL-@t zR1n1_2KhQe6NO%9rEq!PJL(;F9%}yO`d`7gK=hs%K;!x!4o0Jck-Pp6_x2vw|3f@a zK(`CtWhnXi>=e)pg?NTT5T?lt&kF+CTJJmo{~4hfEaIFMK1T>lQJh|N(hMc5EP1_z zb2RAyz+s(p7;BI(5Re5x7-N*=0JDM}00_!biu07LCm_lYp=r{WMZ2PCTVNoEY!&8k zuGrOo(ghstA55a*;dn4UobDe+`@_S%@o>DiH`<5M;oi~yXgD|+?+r%#=wN?%Fog#L zc(iwjj`oH}(R4aK7>$nhT4RtEaSXCF#^JgH_^&hmV**~!PSgC1Aj&$_;n04;1pQb* z5^X!wSD2tVt5`qSC2Zd~&le%-;k1AGoOWT}Wqi7?fwll=j`V8S8}vql(Qt4y9IFA} zJ3Knt8y~@=>EI|lcz!gSg=oAF$03SP7#{BJ!`XN?4UYyxv^R{7!e|l@E zXb_G^aBpxpJ&K0m6rv#<4aTFx19UWgK069gyY{ytUKnRMLE8?ss8v7A#{z205f;!k z!EwiR+#9KJ9S@H7_m0MJI)&(HaEOk^)8TA1i$-V^p@VQd8x4kVe|mH{81EnMjmCQ+ ze2%8WgJ}9ZjHZWPhHEvw9k)$sJ|~F&x;?+uH5)i?3EelmQ=BJoiTh=-HbBg=9gcg$ zl4PgR3{8il>Hh3FM9(7>&BD>_Fq{sb!@(4epC9cXh2sc@;qYj9crZE|!O?6siw1BC z!w5~ivs!7r?eKQyaXN)@IW8y%FahZb5rQMcH88==(F}hE>5TuH6>-e84XLBNlcg;v ztQ<;mOb{;vA~eGZ=92|90JA2h=O@Q+UQNIZ#uRlrOcf((93!IPq6AK3Bp0dr+Uo%M zA)0XI%*CQC3Yb>Zzur+c~#Cr&10Fxxmp@5zy9FMY2-vHUyZFPWI>kX#)1pMQF1$?Os(sYUBz&`;1 zaK%cz<$s#E+#Z7oxc*YpyBJPUybV}U;kJFcVY6mOPK)If5k|-nqL`ovWNAdjl8!ZL2&l;B1V#wZoWLB-*SzQtDFH7vGV~ei1CB&b1Z}-XAwe)lU`KMPT>z5^yiem8 zC-VRgCc<|h-0?&crD}iHehH$<^ll!%c*Kity4FHBv%Xtl)p5$crRv@0U>CG zDNYlxz?5-y5aT7z`K*f%KZ*Bm*y{<{>vXWST?nRH?h5u6VV5cyzx}?JCCg1t@j^** z%Oy;r9lEPou-e}kHF5(|M;78MstN*+;tmCX6|3?xh|<>VVlqyVN|?05#C0E8)+qXaPq8-ar2WNryfAV5AII8wBPrTWx3QmkVyv7GAWHZ*gEX|5o@Bzx?#vEMXe8D>{ zrNDJsNJV(frssPE;1%T39pn-#MW(#SSQbh`vd$QFOxH>ncqW(_XSR$LqZyMBnLNY< zx+k2YChKV$tpx%w3|T+q_#1~hV1{GV>j-4EuzhxXe*Vk5_b(@4x$b6=(yNq2vb%2~ zP5??)n4}4p3RjR|PAffdA=#s%5Z1%=ptMO0E_@vKag~(e*@6#^*Sh7@g6*3Dx$87a3_L4f>Io>;LjY}kUIYuwjtKZ_H{}&1x5Y&QglH zSsHb5GE2!)lx4mAnW4rfLiP3Z-OE=WPmkZenn;y!hEW{7M>F+XzBz;WV#3!!FG(ZB zMxoPDv#R7jVJ3PDGhScRRtKf*OLqygt`rTsa=lfGir2bW7o2cL1u}wDg7Y;9V@QRt z9pTvw5k}HEW5=Ahr@}}>!v%^8CLpSMC#>2jZvs34bWL-#?6SUeLxOW0!dOY1ahzUJ zwdR>b0VT66p>kY1`lkj9uP)i-b|aX~5lIW$EfJ}Mjy|&q#W`4{lnbDY>~ppOsuxOY z`DK9;DdezEr-I9aCA>sTokN0GF%>YOis7cz}y=Imp_n2EthXjc~OKN0&5PUhWwfz<2Wj@TZ~#m_f5xuiD1oWO+X z5CuhCD_}H8QCRSGmnJ#-ocBVQ!6}Y$&J>cg$SKpEr5^C(hu3UoE=Yk+kIwo;KV<#){5Vy;n?GhQc{W17IU?nsUT-wa}RnYfg+=@pUl9 zGZe1F7}fPm7ci|6()bROHNXkZPgH5jg=PRLh%k3%f@BSFj+V3sUcqo-msYy&0i-=AtezaJ@6BX4Y34-P2=^oi|yY)8Jr zbiuizoc(oL5I#u?_?d<+cwV^xC2Wdvst)?6h-*>ciU|Wu-4FtSmQhMX?LG$=CuaeF zFHTi1PR_~(Ue5poKV4j$$rdmbyj*F5e7UmkefFPoy&>(2E@v=bs5-u;`++nYGa*v_ z(iR~$E<(ywL`_Wv%r&c8qt=t4UeBcP!_-g|flq2A`Aj?$Xo@x#X&g}nQ67`2jmQhT zj&cCUd?Ez`4hhCDQ4H7TC`^-xPQY*=zh;PFzUw&ebG$@pk?Rlp^8F0rxFG0aK@epK zvoEEsJ%ac~w62$#pV;;1d!cp>{gK?aA$NP&?wH>Fz`r(vKNow#*5oet5j_jF-idVYUC=-r&V> zf56lvR+p0z!x9u3m3W=kVA z-q^zVw-gv)!4gpl=h~tMt_aR^l=M_{LQZTF6A9wxn-CcvyD-CjrmMy&jJiyXFGz@J zpNWvGVgHF%5W2%%rf^6sxP3}9jMquTR9gfV=~erVlxJbeDje1MuY6+a)F*EA`1Ave z<0%X;FVZ*ZoW4t55t5Qmztb?NQ*PP#OUWhyPD)A>)_#y6BO@w zbKH5WXO;cJ)gKMrN3p4`j!>wwUdR(`pMJUl@UaI4sZ+ry5(a;UCgpN*T1m}2} z#c1bE3Zp5EVG<&;`wXz3-^-uRl)dxy*)wpOM(8Xhxv`P!ufnY2^;WC#?W*56r_#tB7i086-LgiX+|1tx+OdQbK}4rez+>qc&8^<9#n8hR63C)1T}(tssRpCC&~ z4vb?J$r?6^6s%e~K)$ww`L9JI1`py;Z_I!gPd6A)t1c+9sANSO*-@sbx`rQZ;7NQe zHZUXu&JB5z81Y($RKt`kX_tdYxW{8zCnfpBDa%$l>qnl3Y1}iuofjF0VVov^Vp931 zXX4*;_Q%D^nG`!dygd74Ru=+1`y@sA3|=JwGJT-*vq>T_M|sI7agrm#Na@4-H~cH- zs^zhS(R+dLghO|_q|KToN968KysM6`B+l$C_Q`uKj(Had80QlFOV6I&PbKJ2Y{sOI zI*Oz+U`&JF5pbeiONGVM&=7D!a|9!h&Wv_g=}#GNg3m^e&9FSPXCoBJrKe8(shB!* z^WjQKiF=8)OApqa6S)h>vuY)Tn7am_CAC{vI}kNT>b9pu`ap<5=EtP0gXKz7m`*BU zl=Qb?%x<$3#ckX5987#R7?%X@NK60t-;U90t#BvHw2|)0qPG+8B%FHjPI;%a7w^;% zSnO2$^)&KQS@pK^odi?IOI0iPF5l_FZ4&VGacipFvSFgVa=;QtQG5jnGRN}={24`W z*%!n=Rq*7roz6sUQAY8YoIo_gm*$tt=TsaJXD~#{brKeN$~N~93T2BQe{-KQ3SeT0 zS*1Uc36n7am}Q9Ra|}NFEt@Xe((XfLP4Q8-cgCjy$Ln%jtrJ*{Yq>6VD9X6A<*tPe z!!a##z+F$|nfy|@#MyUuKX}WXL}Z z&P43DUFi?ki_;LsrOe_YmBD;bBE>K`R$XE0y%Ks%Ixwp{nEcfx|m_lk%~ zuS~!*VvK;ly#T}BaNHeKAYE|1{fuAVvpyO|oJvb-)3S^=V)xUgwUQKAGY%BtA=Vl) z7m(XQHq;kKoVs{(?vhIne4pkE>AuIkBpG`Yl*MKsBPn-jh4$=-`N(5xa0BfeD9G2M znr{mnApL6uee%Dq zEpA*m*L3Wv)@@C&>57kC*C#1(0J<26U=D!_@Z|7g?Q72Jv4WPkF-y}4m_pJ-X}6}b zmUAe*sA?RLN__MYn{=G5;A)*&^Mf|pYdpGcO%P^FtkZRLai>Bizm#Va%h}H-lH~sl z?Zmp%v0hkCf9piN>LeM51(kEf38Ta;MrS{tJd=O^boLBntMC~>%Pe2N#N?UW>zftI=vep3!h}6f0Cdc5M z>N|BB{x95Qkf&mw5(oZiTr81N*6g!bHNd9J`KSJ089E=+*~ff=K8osp`}9l}m2Tjy zm!cIBt;r)MBqCvb^FCXtB?*=#T| zRU;O8s&VO~``78-~#nn}U z3Vsm+pwF0c3Jqh3m(R*cm+mO~J6m{`c4D0Ls6rmbxhJ8DEVWJ$l?ztc#<^cH5mB1>9Y?)%*i?3DG3DxmL`y6# zl4fu&9m*}Xc+Bq@yiLuJCyGJl4(YxvO^m4&>A9RNuE#CY24fgx3wCAtg?Doo>0cWnaRBN+WcaE{(F(Y5UU#R35+m}5HAII3Q- zjR(>4D4}+2DE=3kfTN?MAF&25j0!1NVgyApCM)he{Con6EKR_t1rx@KgiS7t<4=-t zv4ZaH;}flysLe-F2AhlpBurk(uMkQAj7>N8jxoyH46+_s-d=>sZnJ+MLm`^jB9B(! z#O9|kce#FFRQ4ETmMFpnw_XO~zJ5^dW)S4dY(~M(`{TFWDGV>!Jn5SiyK2QqpxXOP zOtAvYW}4Nd`pie}N&GusRia^=)$l{9bNnwPK7P+z|5=RKCon@WXUk+RZ^_H?c*Z$Y z2otq;mPd8?Ut;|&IXEDDBd4IGF&U-B9dGpv@!%+ zb-c)xkqnU~rj+aU!k0f>q*sXu1hH7Af*dHy&&q-o#nGcpOS!$JF0CEz*|dC8n16EV zJ_wi^yj;ID`*Utyfmc;8))}{+Ff}4vpzu<;tLJ1bwQ?I*g%z79I%TSQM;a!y z5)EO5XB1LS6R$5moXT#M5orFv^n2gr>z#3Vw7z+|W#pcAb1e#Qo@m*6%UO1zKF)9* zgNjN9rJW)97%fe^tTCPz>o`0-^zu46TjKP!I$8XE=}mNr))P=rMD*bk&^|fKb$3qE zBI_^LU0tNJ!Q^cOs+Lq%9tM6gJS}h%;T4Vw7_*tV6lMn`B8Jc$CL!u|#0Ycaxr&lT zWuz;9X3c|EnVKVe%U_yC;J~s12mHIR+;Y|F$rJF70Df!$VoY-*j4D&UimcL#@mibV z^94E=e{a$L=tnGmS!W#K0>P{+-*vf@pB(j5Mi;^Y&jvh96PgoAn3Y2~UO~E?@0-*spWzDwaWa6u=qx=3g5)iGYt=hf8XMnrf{J zlc)=m9Cy{5-H!UpgJhm&X`Ig2=NVg)C%42@-L2$TD#g7@)j*f>7P{qNFhQZNd8&iA zE#c?$OLR2>f5l0T=7{`_lZUGKceYmlN^^pfx%hImK*@)M!W`2Xk5%P-=SSk@wEb0Z z>c2UmaB@Bfc^bRM3-vcA8LKz7|))bD{DTonV$!iY$emx`k5T^xY zki$ia4NoDqhxEj)d>GRd;Dqf3{D#MZF?=d~i6|gN!c=G@7@Lgi7~?#T5d*Cec?M_^ zE?DDlae~?O_SB(pls5|z*upm*?bSY&RaAMWI_Ob(*-B9^qI5>q(u(?krsq0`BW_CNuRIY zo{@u#XE96*(k)}jFAo zbzQitVK6~f+Mra7TVdBui@EY$R}%lBB|yw02QyoGOTvQ5wALaO0|en_*Ac9p{Ot1scgK0j%ROBscoyfgPC?raAhv{39lmIp8NIf8V1sB z_KY&2Tr~g|DUzf*5+%>VWl|20702dyFj+T*t~KFnv*&%V2{ZHFO}K?o|6ZAfHFid$ zGQkX&{{SR&j-kHu#WXg|NKe_Dy4)%vLV`z_yRJjiRV+^B9r`>484-qR z7|&Cq%`@FDEHr=Vf+S50F5n_ydDq_;clbC#S&(j3fL-^g}R8z*iHr)I-?pUG&g9$3 zAx7(>H5Z3h%F$KY1?7TdZ~VOxk$8nnk3MHSIR{o|-%KRZ(>xe~PdNHWDEy>&v4zsP zOp&03KIami$qviF6{R1wyFv6e?#On)9?ozKYS&K2PH-0`q?+MXs?57AGy%iW-e_pN z^nu6pv1O}MPamK6nOIFUZPTPzy!@EO$iTf5S7Ae!2D50sQ`Ni!@;4T10&=@ zg$@!Oy`Md$O#y@6Ib{sM}t7t-bWB zZgXxYlj$VJr9f87WN|tdW*@r1nGP=yr<*Jj2Bm z&KF$fI7_2DTN?_8rnRB*ybm=(1Ha3~QKmk>$>MMlgx{Bq;mMPZj3!IVqc;&um*2f% zLYZiiVKCz++$2{)T_TjBgo$hzQ3guJ_AgTy>jLYovpjp#DymyYTKbBnAwdxh6wQZr zst_JS2qpkQx|YnI(^Zn@NM6bO@czxYObux42y6;oe$R-vAhB`a_8vu;Zr?4!sL(D>RB3Uq!C){r z7?1hCgTcW4ceHn~|Cix-xIf%G*c%-l{$(&4jP?hA0fRg4tM@5r4#{5zw{FYr+#lq* zzV3h5;roORw7}ICc{VzY3zQL@hzK2vGM{diinv&UIHW(7j6?)UnHRQ9u4+pxz0P<2 zFJC&>*V?Bj5CwXR3BL7E1rSg&qAs&a`W~iTapDu(Wi?H@;kee7b^LthAK|i zRf5+5^z52Kxouzh%a=~K+wH&%OJ!#Q4D9-=(G=xy*tx_>Gyyd$s;y+oYIPb>7c=plVe}hFFyrw#7_+J>8a;37g7;3Q=L5jPI?HH(HI(OD4BPALn*Nt= zQcQW1qX2+`yKkbz$b#RrCBqzR4!}yATm!`@V}Ke;0A`NmIsj!E1HhgHfO3LEbC~@^ z*POOl4M$fRcHYb5bS28mpQU0glN@G+ej^$>Xt1G?A$oO^KO7DBob|uIcd+-k{vYDu>;FAp$xf&^y%w#=@U*_j-s*(~bmbDP|ChR|h<{8Y-ElK?zzl*<`E~|1F*>|JTv)9*X~u zMhC9^w?7_?9{K-6JdO4r#?)*J5I4ti0y)>$>pWH;d78A1*+-LI;5DvDGleiwXbk)& zlvd`OTi8}q1@38VY((l3nGE-6@ya~?FSv~BVQJoIx&qV)phl6Ny3*rCvk6Hv5T}7h zJ)Q=Z%D6<32z>Vwrg=)%GQfwS!W-@R$_l_bT^2`zr#XLPOik0|^i@;1yj< z@CLyEP#NyJ=6plmW5ZxK`P`m#YwWW$Ird_Z&!^K20&5!gwP z0j~tITltd4F;3e`}ezi_l=Xtu>A~F`x&Np;7D4W== zj5E;n1(k|Zm+NZ-trp}+OvHg}mf&N6er@XMPD((J7G#bhb~UsNgSRmBZD&(d>SdNj=Y}bvv9m_m z8l&BY@}dUAT`I%1mOFzD##CERDrSz`89B^7yG3W%KNsr^NwLp(G10sFn8ao{0W)b& z3371?Bblo&cY^5EvV6l$)-ndj8^E4eN_bXd4KOb&@Q{AJG603SRn)OAu{o7>^!blx zQI{B&u>cz}V_jB}@B$alRhICW!nP>wMQ@cQ?eKCV9&9mes%rZ|Q#IP5=3YAA0yR~& zJ!-1P2GqVUa2%EXnM;_NsQB!^%6ZY;+6JHoXzB0X>@>a#Z3pzKk2()havX+fk>pO< zneR}?H&8Qxe)W~*G#EHXto3@lS+Ft+Kzf%l0b)~wmQzFa@-MPksb4C7R? zKu`0+WK@ObS=IGRwwI+OhjA@dRT17+ODdiJ_qPam>y8p31a`pf5-rghse~@RZ_#ZHi zjs4;0GS$tUI)Vxz*JC2)l<8Q8O)D_}4vUSr`5(&EU2ou&0GUL7yXpHLClOBOkF&U4GbD|X3i#cu@w=1&Hthd{{egS_J3br^ANT)k5P6!F&h*U8U@ z?MA`5NxTnLw zO+?w`?Rl<9a+9-X11-AFo*Rg<;_Rt$xF=sv1NBOiO|G7*p6Tl84C(LZ>ZyD1=;?Wr zr*{8`LeaVlF<_JYe^@#HIT(*0?|(nYW61xee!aCGU^_2VZFhEwp3JD-tT$LD0o7@fA8XfROmG^h*lfJEo>mvH?^prxtpCz8;*NBH4eNirHyXO~|KY*G zpy?($z403}$-Ez4%$8V@CySgw7obyiFryrRM9h zx;vujvWSu5Ab5{p^b5f`ddEF{cENAp*CI8;z?5P8EzovafAuh~4d*4!J&ONjwRd!M z^dk;@t@s>21vFtE3cwEV`6RK44CZke9$R(xmwT}<)6%Ttm6g*$%VxSrAfXxz5A ziAJzV{vQpU_#dO;Xngo6|3AbdvMWq$LCj39o zx4b#_f90Nz#|x2M#{GD^6t;mHf+ z;@i`u#qKpD>5^}e*2NbCre)vM_F$u@RpbKRXxAL13c!kCwf`M>EpZoz8dkDnWpzc% zEMHr_mnWocy6(U%Gc1+XaOW043BT$z>g$0qr?Q^d($!pwU-tCL5?ggZ__dwucv>~H zC_y(*q3NhBuispvwLVOdlpBB`Cj|;Xz>|)j!F&;bpvzwKOiMvn&^%oRAXpi=Nep(I zhAgVC0cFiMhN*FN)tzGa57aiosTr{5!>hpM2_679J+EqcT2*beNWATCHyi4raNF6a z3m|gs4R5p&PTgQOh8wEPhJ?`n4!lG;B1^{8`Q12?`^!2f{r`zn=K8o)kkKksb{r#& zj@e8b3vbr}$+L>Lp-Fyk$ojx>G~r3z;^Q;$bdl2Bj2$JR^L*R2XM8(Cqu`Z$BAf7F z*Pu>Gt)ee_JOYMCpgXf$bCA|{Eo=<$)U+0i;7+$#3w3}0-g3~N^=T>pOZnnv2LhY? ze+~~1T={=Ec$EJiLQfK?DorZEtsez-Gku*=kG@gKqld}#ab86B_J!n>vA6|(l#{MpKLD21T$$xMfvRcy4Wmfz+u?Y3LGEeolu)&76WD*+q!|Kad(&&~fm9z5p%e2_=)|L-!C{Csu_ zLV_6CU>H+rW}$lb7a`xa*!?R;q3#2${&JpcVCgxKy+h>a_Bd1!H+86SN62x|6-%QKmNbx>VJdr=<)u?gFKr5OLO)PK{G^9 z65?bI<~T2fn_Wi<1USi4;{ZjN&9^w+@mt&iEA3u6JwW zUz_;Pe;vBc+0QQ4#^`6)uuXnj+x!3s zVFsr-#yM6FQ!t8@msA&=zPk8${POMV)6N$5K_mR-AJICfspqb2gXVbLzh#gSFiav5 zp`t&%?(x~o|8=Ksd>Lc|{~sLgd+a}t_dg!w zsq_CbBl$k0^H&+vx8C)u5-Qm5_@%pWFJ521ZSJ0ZzRIy_^!VCJ7_VFZD(*9v|73L4 z`;!00<6&j}A3Vl?e~?GZe>$qTnC~rZzB;hD5k9+q0sF#`*P3ikIK;OwyZJq>u4>S- z*=}XARqblj*Kiq6z;EJ2hb!(%0$k*I_A%yOe;+e`ns_vLK9C>hBn$12;tQ8`&HErT z93#=me!k55`a5sfe|yXw-8j9(N*)ShjFMadFGy_XNp-Jkgal?tF8#_4i~9EFw7l!^ z&vg1x&r;91+K|H>hcvc*7aZa=gz+M!xqji=6P^~OH;M^x%HN!*oEZ;r?PEA<<^ZZtBjeQv~d)nhyJi$2Q3l1W-pK~QmQQJqo6 zB&3SFNIgv3aisc*AQ-(%;`IdN#0+(JL(iNRzBrBZ`^T|={Mnz)`@f#l`?CKG5BCn; z{eSN<{@=qqb@m@K$<#yIf69DQTd0qI`;V#7-o5?DC+6I<{iht8t#ABkwY>hWUsy05E#&Q5>t7yfRny>90Jw{-q#VgKJ7RrJ5X z=<)u?gFKD?KZ1Dg$nnR!=(_yyO&a)aVb^<<7jO8~t^ZY)^gr_KmG>V1aX1(a-1v{9 z!_njVe~70}{*%d1A5!$=2~Z8GZ=1xb*E;!SkY*?mxm0hQinRm*`~r$@>AuiDQ)|O4jgTB0l|qV;SlC&uZ>|e4M9=|I202|0u}x-t_E4Z^jCiL9sbHs8_s^MQf-cYtqQjb_OONHw|aB_U*{j+zI*xM&8sa=joIk^ zF%OIx{oK`Au^ff_KPIj@WMJ)I;y6CP!g;u`Tl?Yl`&Yjlzj)y@%7niY-1*xy}st+mW*OM@{LQ) zlg^zl17*Cp2TnHTRrR-0PGk6!~Wx&Rp2ex1G{b??_}@~ zJcEDWjQ;Q@qhC*@DFHh^^c34IC?b5h?>3jqAf;C+iNwgDWc33{m%>*;$Z;}BDA=5t z)3M1a9&aFD^@lLL9!x)-(xB0!3rJAZ(*@Nq3S`9B`ir8D&BK}|Z7HevUoc@u)okPM zz{a6v;|4pB zQ?89A$f>f8EolGXxnm6yZ*FZ5DwUG+S7*oXk1yW6w=4$#5j>iVswSg9q|NB>uiv~m z|K;_?$xqe{b2q?R^U0W-Pi(upY)pG0(oUv;?Dw~P9T{}npfUtz4A@ZZAhPIJGiBoj{f0LgM^MI5XAAe(K_ zUH4AITbQZZB`Bj*CC6;fzQj<nnTBrf0N%|1hl8vNgwYw`lj z4I8LR0ah`%>I4;{x?^U2D&x|gm)V-@=F%M@2cODF+20#R%!5L8;5>y|wBXKqr8Sko zj18p=kEitTT=2J3*U8KudU)kM#FZpq2k7puHK&-K=WrT(*Pdzn(pl+L1$mJ{!C6Mp z6=8!yGbm^yko^pRebLfdHz%wsr9e;vs?@yk=k7PGPjyhLDb+QT!Jkp|7DrKxt{@Q{ zA@JiSZgBqKR#5BK@hEWsi!9LsP^C?aNw5~JB-9*w710-#<>49N1o@wwCM#v#!K+{w zTozMA5|kqvk|+SXHcq8=uO&JfmD@I4%3-!l=1k+VZU)_HS$bz=x#eUm+s(tWX$qFN z82$S8YX^Rd=Bi`va9Ypw@3OZ`>xE{eo5sseu~k@lEZD3xEuw}7sjso!N`GB-#^aOV zWrJlM$q0oKBt@qh70BFszd8k|qTU2KfoO&=b)QRW>fy9c(jw<+y>hb7Qk>*8FkIiL z@xe?hb%mzZUUEo2M;$&urez+_%=~)bD>5_cL~- zTup5rSHksau9wF~YS?O30J?xDF`XD0`!x_rxeWehvOpF_lRsQMav+Ix@q@l@|UT4AAyacMP{GqCauznHPIb)K8nGYN}4&&p}#`De}WiN=wL z$W3d^p1$3q1$&>g+pX5fr10vIY3=;F7Ex64M0>G#p_zt$r6t~^ijRqrQI-F;BxMgy z7UhaD&(z5XA9Eg2(o6Uzt!uvEd}p;Ucsi)->yi_m5j4Y}0|A_U_JOTn2EY`CmnexQ z*2~RE0F|TJt!QpgYM?810Z-{%tqMR=ET@Qw>Sc1oNg#=+=xbNjR;tc^{%Lsqv0 zx3i-Cai4noU$zSGBKSj_{J#Sy{?~B-VE-}x`-41N+yBngA#g6@zMRAmFYm<~n5~R- zP##mA8UDZs8_{g5tFhF%ut2S?&OQjX&V-+4Wg7c-rpmi9?MWy}nu8tmtG{H>4V(n| z3fZbLOMPi<(jA1dH`>6F5=%I6TJ;wzp)uu4=uKXdbI+OlN|kEP9H*4%wh781PPRPN zF}f)0D`jPY;$@F6`s&=jn{fxTU;-`?%6x&gZ?BFtNs%{AMs5V0)h3cw@LAVYbfc}lo@p`lk%{4cA4qoboA zao{S5m4T9=1Y-)o4iGj}gJ%TgvYp526vhE~YT7Fdk`c}}B~g~YEmVzSzI$SK<|$IY z|0}WhzR&*#hr>g6|9?FHd#GpY{a+oZ+{cbDNv?6%H`T-2?D(#lxz%ppF_qEZYsFhW)5P(dONH-Y zGFQhzbzdiS>$VPBEs1ySsoFFdb={zdGTwGP6L|(j8Rw-f(E2Jg0~MZlUeMxG-KhBC zv>B3Gj)F9?Q=33upKa?!SLt?EOk+$Jr)kdAi1l$4F@C5>qVB6Ty3HW0#`!+x*z4II z^vp1WTRWqLGJ9p_!s0e&%bM9UO`0N0l5Otnl`oAQ;;DI!$7)S)C-z4kUV^b1yAa=G z0)D((^YOg)>&3~Lak#ABPr${=S;uDqE=!c1_aN&Yqj(`$ZIl&C>A*8SJ6trgSnX*V zaqBYMoP?D{>`)xJM1I`e)tywYj4r5G#?I;2*?lxEj@uJdyDRP1eP-Lpu3YOe3iFgq zd>lf2s#&G>XSpWp{ZZ@Ira43Pa+hxHO|uwQXS3h1pVkVIuaZcdQ{S~1Ss5ByOesD{0E$W!n2h>!n4u- z^HHd1x3L0ky8p9R@&7(N+<(0P{U8sw|GYOHY*B7YCSPK**8)~?C+_~qvv zWt2Hh1>5G9GKC-;US)>*pWqw%Kf(VAv^xUZY3dzT38IW83n#}-V`g{Q88h2yn$-x@ zWbJD4OVETfpc01{atOB>Kqf?~`j!Ds!@NXm>LC6bm|;Tmdf#aS;GNjU{|rx+|Es%d zw9i>TyhY+K`E20-j|{6z;Xhc==PNCVs?OQ1(%FZam&I`YqLA zR)yPcjq)&G@b~@loov_vrH|`*A1r$Wd*kW{*QP(|oVZ?~iU`>2i!3%Z1*RkL9=-rO zrI#Wr^t9I7l9%_xaK5>!rBm7-(i%rFg?z>Lu^iGDU`OmeqR_7J`m2T6q@tQJMEKU} zzZGLmhR-9oTEBV~#$S2YqmVt7CkJBrF4FXpL5$P%vdBQN8U`THmv{rS-Jq-yl>IUs zyjjO=&u)j#bV*Y-)GuFn%eeztWk9mmoI4nh&BgGdsg7zyT{WnVkGW=cBnzk(6E}Iy z9$9jtgU}7&G?16HhVZrEt_0(|!!&c-=w)Fm(X@`HY}=O4fK}Uw=MbZzq0HZiubDHS z{nD0S^;gM7gF35)71T&0X3krcd*-&cOrvMzUf?} zkZ=spmhD-4+l#TaTyt#ene$C~jEljuz7-^{+;Eum``@f4->if`o@BM_eYq}DQqw6x>qy7Dwx`i{qZ@DpMJLMMRIXp`di|=T`%6V^};{cPC(?;`xq#`wR(iv924G5_BKJ?i|2V6;MjvD5wxN|l!p0G{Cx<_KUaBfk{{ zMfHb24v#h*UR&&C9m5piVXtSpuGlD2e^3waiYpRUuhZs+nPg(~f9eWxCa|f4b4N_|wng`z46TZ5k z1c8AaBQw4C`!=I;L^q9;*tE7EDr2+z>c;AZL$k$F)=L!N1mMpnS)qjtZVGqh8{hYC~@MrIpU>~(>yl1 zIjeow$G&A<(?z<1v0jym=6LmVihl+)81;>3lrQ6lW@j#X%%ywH~G&LCm?tRf*ZiD zv7@#fgDt!NJFv;7^>4+tx&;H+=>InwRQ&&jkNMvo<KM;4tv9+z+;WuIHEl} zl!L@zigIW*=~Xoa!(X8AQV#~rMSJV*hNBGj*>%o(+jYr`lDFGDg7Ve@DSV+*A0^D2 zKTZ5!-pIJM1#lDpA5`ss`+JZ6e-HAQ@}In~yq)N$&N$fOQ}ItY{WPTT949{&?B&x_d%e+EG} z@Jr#H6CN=KK#jqyh~qW*wSY06VYX3Z8K00|=NBZP^YS@sgG~+vQxw92B0$q6;tHJL z>S7va7{!seaunkw&QT=N%MoGKVLX)WF|i znG1M|KtUOv6hMx=#I~7aN+%(MY?4O5B2Rh`F$F)!L=bmGYZY)+daD$1XioKRGu_#l z@!Wc~?OA9i!X?M0)-8cq=6%DTR?oe>Bxi{R&TTM>iN8#x0lQKemz{g9+c4VRF4HQa zSc9TkyOjv!N;F8E@k1#)GV2kHau6lAN&w#zC5ULajQd&gwPHwsygu2nuG+o}$%?k)Yy2xLXG` zv4cuhNLL3)()TG^0;)BbST|(T43T&ZLdb|h5sBI}(B= zJ~~-W`priui_`T|AH_PRpqG`;*LE18dcY7Z(}bcLxcuum+8Qj)VUA`+%mMo#pUVP1 z*xiO}wK;%b1!Eimx6Pez=x$Jlk&i3aZqRIA13{Dj7X&^2Uw!{20JC4CWYd=SYm}6$ zwB!Ok#syj}1d}C-dpEb^5K8`QlK&~ni`!@a+hXQW8;qe;lC*MNP0Hl%XU-Nr?Fk6$Pe;lYeq+N>i%@MVQ{IK@Oo+TT4hV zjHb70O~P>7Yh}1;TK_5l=_{rldk5`)zc5+x{0 zlaUb11T~R#y=$yhP((accG4xzON~#|bOWF-S+AqA_OhTk9|@)%T@jok7b~+l3zYT= z?17-XTA{G9TJlLA9S*1e9pD8)mPW^=Gr=27a}kiselLc;ye?^edx^tbhg2y`*;(&B z%@_bnH%AX>AvlXkHY$}jG8IlRNm4$xykq{By)F1K(er7Sw}x7_xmz=?!ia7Ssd!Zx zP4T+bKpL`TT*9v#O9OE0VT|FlI*OHMUGNQKXjBG)I>NDsF@{s`D3&$7MC$!)kFK}K zwj&MOkZyfT?S{Ur?_EOXropH}s?JS`mtGcW( zc>x%U2m1%l4O}@v%TD(0JhiQIS$hJ(Xe+`@D@#ffm`5awJM$2Ekl_Gy!pX_1xW7N$uEbDO@c88^nx zz_ekBRtW~7|C`L8w+#!Lr_0*UocGm!jn)ZV z;;{C+YWgKfv!=FdzN^M-K9{Zg3p9ve)=f1SMKwKsaRUHuP}EisBG!SLj<-a@22qEF z9`d^GTlDavb-gXxbNXr%L1T;FF6#A3@Jhu97XeWmUgvU9mleu%3PxOzY7Q?EIaTM( zER%8Vf*o*)ljt=!0+iuf>@p^(oytYg7hpITjTyJpJkkrr3eu{2{X)q5HC#k$7dHA? zBjWPw&2i3djO|8lSne1aVjWYGOd)VtWHm5vvp{LCwK`F<9J`C{>-+w~QLMHK`&_sfy%mPn zx4WL{_y5!9-u;hEuFOh;>aF2&TX(<>{=a*Bhfe(G(eUu#G5*JcJdOF^^96D;z_T~Y zv`9=I1OAy#MH+Za0V$Hs6wOki?#b}W#c|B7=M7oI3`ZK9;Ecd*+|pv5Bvx%}GsZ{BnOAc*qx z%{ntLH>@b+^;gqG&@$ODBU_k6qRB1@`cs_r=^{|SyP^IQg^Lt?du*xaVM+)Jb2j59 zZ|(KI{g3PGY9a<0MeOq`Q^}crz%kNv$CJONxyT3MsUk1-V9JXJfaj?V7wJ_3y6?gM z!Sl)f!E?}GWl3MP@E;&tEYpa6pa0)0`y2S}Hz4{X%FG~E$?R5HBBR7UT#GwN7fh~$I01UP)s>?N;KaSzYFtdJm*W_?69r93aRy`9oIivw z-%>6qFHKJP)oJDR;0h=^PB;f6+K*i)hx1)K01$tFR>bjH8sl(ni9@1JrazW4fhAK& zxxgbNNT#MNYLv@+x}S_`veqo7Wo5OyzHX3BHtC8Mj*!eHt7d=Q1$K9bo9nkwFHmkF ztW{cx@eGCQP}wi^&)Y-JnKYLOWoL;fWdx-+C*$MW^4r81+UYO%qlHR3xzTgOBfD9l!ke?)1%neSH7!-G$wcU>Nv)kfh{wiPq{2 z!c{2a+z^VZch3YTC6KoLpv{`a4>`N3*gT zU;X-hS=Y$aQ})P$AyjC$kMdEeaO&zZ)V)>BLlapsRH^J7#Lf4c5I4(ii?~&HGvdxW zIjz4bmRB;o=auR{-#Cjve4Mfh}8QJC!0I(wLG0~A5O7MP$21itQ35zvVrkEJuPgc(&e05n2NsUty;UxuN7 z8B-`GN>;ub~l>^!k4fMKE%jICx zY7=jb)Y77X`UO~p=q4?$ypXx|cRZuH>q7I$drz&!=NU|E_h`bdT$Xau9mw@cy7L1i zE46D>Ph#Xp+cXO#D>vA27wA_dC${)-S;xzMOTO zMr%yfRks?Vuwk?F#WU>Hm|Z-M`n`pNiBBtc3A%I~YppSARFwHt(qRAC}?ADq;(3HN7z4oWupq5%~cV zn*W0H#ZRK7Ba78ksBU|9RM#kxiG_NpNVw+t!YLAw6(YW`6hRU$#2&2Qde5_~ZSm2N zKW=Z^^kdA+8ZRc`AOCxYO_|*XK>gaj5#vvBsCurhwj?r5RH;+ApIew?=LCl63=zzE zMVdssl2PKvN`V^sXY5xWn`nWoNqVg~%+#=+En?*1ycUX?qRT?n6cV30pDYi2%L1Zq zvs}vDikE0j>l*kC6bb$n{03-Ba-KzN*RhV2r&lUfVht$UHfdt%sI-dp$z+wDT=rl z0pl79@fN736X|$hO>pn-XRy(d)r5IDk>1bSPp1#erb*pOyLJ_8`L^6A%63}s@y9WS zR4{Af=j~;qB#n?xrt;-W$NYVJ=y1k`UcPqK-?xXFr&$`O^YwW~5R6XJgysZd=_XVA z@h;kp5h(*A7(cg!{iwwM37!`EKgn+y19pS{KRg^)@;~m69`*kRdAMQoj9+Kd3ct#8 zU@819)O~LGHBxlwi?OkNTiAb_!pS|MeIMzQw zxCZi_sNLQ6@Is^xK%ZIdK4GG^aG+NQYsL-lYjtZ)_rvHc@5NJn=g=J>+p)?xjJqz+ zTFrZcI~6aV@}pr%wj=GoD~NFDryxqXoJEU_4-0EAl6~P<1T?T7*wH1xH}skD35ekQ zB1DY0dBfFOia)G?=%N9qw1kUmg_fR@ku*=kG`8MyuMhOA@iqAA;^Hjet{v6)=e`dY zC%n8k8If-%;Ns-0a)MKSWr$Z1s@}$|2WoB0ca(8`GymsjBlnsAd+*?IRLTFn|Cs;r zK_0>X`5Xh0X%MFgh|@U^+i`t)bf)jyWCSlES*yH=QV(~TeMLQyA9}L7&T(tPRF}Ae zvN?Iv*KE<;fQ)+59$*)i`$kn+iXo*Xx}sQ#+m1M(lV64PxK)n=6&BsWV|UlPh@bM& zy;x@=uNCJyIxU0T9C(paxgD~S$nMG5L{lpBjWz1St>aGaPcmv z6!wgq*?P(GeXTetv1%al&A%C4%SZt#!ONVUsU6U0!`bTGFYJRK&tQ?~*^eln1io2w zODkz2<9@H-tOC`uOx&TVxDM9=py2{Bfu{t)k*$SLJKDStd6=E2;bn6#8i&-Hb3;7w zw5G>^i!-tV-pU($vpw`|Gh81jDX9Ex5XLW24AZA>Fu#yw9V&^)XPJQFz!f-V*W z(M1|ZRoHHcmVk4-L}`)NqHKR}2{f~<`7TWBvmathJ;MLz-R%Dx2KjHa zH`sUYe-93akMiF`JX}TnS(ttsEC986UTU4TTy?*FIB3(BFJir=9H=F6l-C9)FG?-7 z&le$YY1cID;g^9jZkzJ_{uSYwKR6dF!&b;ef<|p)OGX>1HN=Z3{(ofTS6m zb3?W$=)Tg zJ2=>T-2Wfq;r5@+`+qB2kUm#-?AMARnmc{H0H8Ih@^y`=+vJiZ+je($6OP#6jUZ4; z*|g`2vwEOc4-h@TBkvoc(+vO!ZE)ZVwY*Hgacw+2KZnx=LJBsoG_X z{_QxKvfIo`ZF{@bYd?v5u2eA&+yz38AX?Y9JHWG)2&-ZfLK|!NgwpalhpL?aT#6;a zXcw|SwTq~3(LSV5_AzH|fdDPDeEkv=dwr?5R`?}b(lbFVQG|<%rLa8A)8GP8GVn;x z%`H&;FZ2d4v3siLZA2ILwZng^vJ~9l4q4}P6$m zh3SNvR6j*)nUc}Vi=kS{mGt54r22DX?^LM^9UKwxwD=7JwYewa9Km8R%4yClEToZh zaj@X?a`IgU_GXr^pdeDqdnAi?mb*JQ;@#r$%KxTgaQ~xBFa26(m)>3z*dYJ!4~NzG zkHg3O?+@~L;yxJe*mkBRu~qk*RRDVL5x>CSRIAy4?=UunZA2 z0jpu>5+~6Fh)YPFCCXt0bIACl$RcDMZ8{>L$};4+i6AyD*?ve+L`AQnX-3crr-ks7 zO4G|C1Hoz-fIuMN^p9pREIY{o1&XCSjizUiQh7qIUXnD;?bo6^O7Ju=C=bphq!(ZZ z2p!8P)?@WG3SC7S0oVnFjlw;qT49nN4CS!f@8JU5?BRC#nG)> z+vO0lCB!c)oEA&4KkyHYw~)8D3NRlTl!W&6@%oOHt@&zNTW~>QITrf3_1AdP?|-wJ ze6#w`Z&qE|%4BbEaKKIO?gEqlexQhmOYRbBd#%>gdI@tlg%klb|CL@ABu-LFx5M)P zQ5rAP2)&SD5+5AvEQUDAQj#-9=Ah1b8OOAqp*6y-gSkDpe@4^Lfy7_YUt@8_i;uB~ z2JT{%gmCySgTEH2bM1{6FCpokoav>wV=N8;7X{QCb-mtNnj@@~KVYlq0*X-;vpEhdx`DHtP4aPz}6%ip=8~ z%pdk?q5r9yp|2C1-{=@<)BTUpLB;=LZ}@os<3S#e{-^Z2ERCp2MW^lt15Fxhuz)KB zAc#;5*C+yP99yb+mAl4UYk4Jvz&JB1BQ|LGo|B{UYnQcNMwtz)Sdyxc8v@^sfbW(Q zQSgJhsHI#u|CAOa0LjNaA@XcD_&IgSwT4bzb$uHqsD!R@{-2yMv89))i;5Kgw8`_?F?HHpc%y7**o` zjUVGbJ5@AAPIngrn4L*X@rhd9cMp-SJM6_S#POxi`~i43Ut8F-33)$d0Dd``P!P0FdAVdNA%x zW;XgGu|%*?C=}|2LScnPxP18`&4?t{90vs(2Q zT^Uh5E^OT_yOI zWaem1_g`r)x6IxrOk6%^aM#_kvX^qecA`Y_LCZ(1<*PuWR5uj zzZ?Qpy-|YNP)D&z0;Vi7^zX^P6G0E3kCa6fc^I-)$`X=@d@jfbk>NLzX<^B1o?-f79P0Z z<(lBR*j8Pt!RweRkDjr+@eBh(niRJvX^C}e^i)hEyrnzN~)6~0P&q$UK zLAXa*FMsJwowh6pT~!)iWUA5j$%$o~hPw&WfX|btj&1T^TWPD!_5I_eRjJ0hgRtbJ?=$2H8|GU7HJF>d>k^?tY`8&-|X( z4;M?E3G1Tn--}xHzV+y9H<>lHY9_=EQfzzm*M_=>=B|%sFcnfAyBl)gM^r0~{xlSI zRC#W?5GOCuU{OHT^aFQHS%l;qxldAq7jK13c zpXGCq{+BK&S7i~`L{%!*xAPTFwRiN6;{`cuvIYu={c|Mgd7M~`(K5LNKw_ynb3+Q`1OXr!u+yU19wh&L!B5`8I@A|x2X4~#~2Dsn_& z`z>S9THVD+k_VcxWJMC;9sMUw<_s-`NcmZ>7qO6gGb$3iqF%^Wz2a8?-jY3b1?#Or zW(%A|UENDp_R_Ul+PS}9hEV$Y`D`C8|Gg!NR}?n-pT3XX@!x9vr$6z(*8lx1pJ(U_ z3qi63qN|Dn(BqOMXtt(tB&AY{!+Y3+IC_TQq?o?>nIpa=ag3yIr*b}MvN%B*iLsy$ z1d57VzvCo2dWI6B?{IpaW@Ju3kVq9a`u~qT1UE&o1m2V=p_F7OrU~(mycairy%8)U zN6*j&uq^uN;s!-D<44|tiXQx{&_D8K|HyjqulZrQ=*fS~SN@Rn3P3X)-mg>8ef;PT z9)C=a{@~5<{m~yhv66qYj4qD;@PCe;p`UODN2xAfyyQn-nz6r;P#k$QBDklTXY6lB z-UAO=M0)=U0#vX6i&y7we|Y)&#~-{^^yGbPU;o2?zjps~e=z=9|LwDUo}r5+P8K9) zi$Bh?Z;y_S{)k~m|4-W5>YjR2Z_@epk3IbD(X(gI(0lv$U!EIVWI@GpJp(I5WNV`C zitphx<&biPGt#qO9DAN;!#PIJ`+h&@20?e=A0Nq%BxZ889{oWdD@6%Qx-0xQmZ9hG zp9RDIe!Wx9*M#?E`{Uyy#{fr;0gl=Za9AGT$QodOY6kc{{UC>j)uljii3`FgBXGtL zCy}%nGa`r1<|rhY=yJW$&k{ovMT-7`r0BazF?5h(*p?K7GAV{ODNZY-NTs^aX%42C zwNwH3By-_AaNs*=i*LV-@4&`)upe&@PWPjhnUKNh&^;l2#{l=6^M(Nis~F5}}Y~83{$a(WBpQ*%YH6xkn#3Mjx~tysDXsZcsV^;-= zfdcxPcUUox1mBYk@eLPb#a-iQHipJ+jiGVb7#f$1q2P2+?K3)1`;460XY8<^#%-;q zaoKtrm#n8?yypOihncg3q0^ilJFKU1TkC0DmeAvp^%RWu9N=Jl*Z>D(_W+xv@VKoM z9+#!?xFm&(0hXn3yn*clear}48KmxCgWDwY-6dFs=|lL97CD0hwb8(-jm8d1JZ>wA zN8Y4N2fvvPmbf+kijI$=7;ju|%gEtUkJ`G_qq0jqD!J6bu*R2ROtADJ5#)e)8@!6u zlpN?v4#1Uk@%e!+`arqpIi{kf;+knWcF=OaRn|buQJI!wo0c^bT28$xgL9syYTW*T z7KZP%Fh&klI%=y*M`cwyDyh<7&)CbrKaflOEnL!{9wrU@)A4ad49)2WlHXCr(Rc5ocEzkwK14v4jtqewk5~F3#K+bhCAqS9z|yQb=U#U%3_W%dd+b3 z9gcAlk_??oy6E8_W&-xzky43ms+ws4t6Lfy zQNmfOLZmbSm7qv)m|4^xI~`YvuZsjN&Dwz%j4C833|qh3cY5bK!>DJKZVsfR^iiZv zU`BL7xR4YYPX?3uaIB~?Jdh!V1KUVcoTYn!%&6z^)3E|RIB-b~wk@e<8(ThTP3mEV z)T6yfU0G6t1NmvNjh~vWT=}5QAO+!~JMac&jVYno1NAG*N*!WWkz1)POGg>NT2~oy zmh}tT!@72iB}g4d015>MQYhF)p=KLeK4{Gb{R(vk7IlJYjSa3;N=f%+7}Jy!l;TXF z{t3bnPGN6C3Lx;^<(JTG-2*Lx$zkg)m<-%bS#aP+L7+AYnj-XSwp1P^WeIFb2rS5a z9mkvq=WH|^{PIET*$67L(YI%#x)*)H(hVvflJRQ$pn{=rN#jUWxpu^nWzVj`w6xd< zUQk_lLGxg=Z6+03eyq$aDy83QgOb*&nl)IG2@^}$M&W2dA4sCMl7a)bQ3CfiiX4oK zKCMmHX@xw#O`b_*uK(AX3zTN;fkp)B{9-luaJga;nq#WA)9_lblw>QaDhDb`j1Kc? zf|1js8F(%ewzUOYF<_@Q8S3$B>DfKtOv)6^7RsX$8NsWVCIm$@w9aCV@B&juL~h`@ zY}D2!YQ;i5t&XA@4VM+!+K8;!kdsDY=1b0m3@mN7&SFzw-$>fwVGdw0bUJ_oMhqn7(Wl(saOL? zTyoGhE;%U2B?q2us`*nV8ZNV_wN+FxiU#|k;j#zXn*(Ju`um~b)Z}f^sOs_k&~Pct zmin?^ofLl`H2RK7>9?JfetA;*s>MOpTx|HGD4^l=1NQ!NYg?b$)BV&ae1&zU9~XQmFDU3TbtZ|+2r;ulY2WR%_gtk&g9i`iJ)w`_=VjoaXEG3(rmc; zZ4FnyY`FS`;VRJ>JJD!1T>Z9&t6w%;{lakFjz+UN>9;i}{pzHQ_d}!E4)WXDL4Mf| z@(VjiqT%u;e1{$6x3hzCJ{^{E8SICPOOCV`BV{!D`=QaSY5caD#xH9cztA+>(Qt{f zR+22AnF^QqyK$LFl$*F!J!pf?q@wo}Bny=yxktw`R`{ME$l9+4D>xAx$~P@CwoVay zOh{JF-Jebm^3SGIhkG`0sohCywL7V(-APsLHe@+9xoFeF_MfM&?dOS0oljb;^GQXW zPpaxXa2(Hgq#0SPaTXzxJfH`hakL-;sWjNelo8dH3;R~f7vA(M*xL)(N}W>JC+mBH za2%tbuHNc=L9WiuKN1wNtxMIl#dSL_xXxb*Ab#pi#f|AJzOJfGL|N7jipK1K$%qRq}uTGm{{z{ zEzfVw$%moa^>~=kv^hRLao9VPw)W1XZ0}4e_D;j3sf~(KgUPK7%lw>?e4PXr2Ua(d^Q~t(9;^2M-%bvt9EXmL4!w*#V`Ha!L~rn0fgQd&vo= zcj6T>56j1xs&owK?Q)f7>;W>I;4gxrL`|$*BD%g3qzv;-BJc;QXYZhFzo{$PZ{jeu zCv8n_`C`RzDA^751Q(EUE0z%*z+SFr1<8TXKfJoQMk|_SdTK`p9iEwvPOH16TC_&% zG^U|s9V3ZM0Vz0&SFz|^_HMqUpOoc15P6n%0a04I4C`2I&x%(OdLMWq^*xL zDf>8+ijPw#<`O>;P^8il!jM*Zg~d{xSzHpWU*|L?rusV^7SFXa5aTdOFd9^u6Ie4_ zC+GYvOQ1ZHV3rK3rn?Gruo5ztD-&~=gE89TV7P3(R;J$A3x?I1u}wWcPu8&6^qO#y ztwSLdp=NfPP?gGUCCC<}Dp)z9M(Z7Ro@?ql&ZS1sKoj+#B~i**6ADx#S#lM{G9kyF zA0NIyXYO+hVViupDQA82pM5%Fot4{<9H*P zghYxYhZ#n2-tV7XIpyEuqvpAH{qp?9o0q>w@t-~FKaTpf`agbu__hAe=lDEBm--L` z+~;-l{W?)udNG}4INN}oaht8lh0br=)!>H0As7@h2-ipxrFe?Y(^NSU`um)Loq!Ri zD;nd>l>RzFVo7=4$0O!Yj|>!NM&QWB3e!Z81k3J1#s!)Y@kofeAx23J6-$zalUB(h z+aMe+DS416E*Op_jx!=f)Qju?@}y)#*XkZTDa!bfb?e0$y8HG|fftNDzw6&Y(-)R( zKRWt|u8Z=JAK?ZX^b!3;GHI)$k4GQ7*5_mCKlv9xyvz@)!8m|SM@LY0jdFz1D-y5J zYfTn)cC)BkdHd?}23@>5zrID6H|Xt;x9H8w^S8I?_DA&HOLY16=Jx#c>z6Oki_7bm z7q_qf3wpd!r&W)Ry68%kund4yLkJA>{m=BCx*#7Pbj% z8hj*sAQ9@K+cInG)ZKqEy`<&;lEka7cI=;A32c}DlVK2yEAoFZ=zp#M_*p(uhN&!I zDOtLzB=6CY#n+UhG@~n=(RibZLP{YF=H3SQ|LysW&K8!-+dF#29?1jAPS7LKXIoWU z9LHMzTNemHuc{{xT_#HGM=V@JO(F?_uE1L|KS^<65|{OrUNiy8pvyUGp$H-q*0vl0 zMA&DWLNCb|02#sZykCwJQq(YjI3`=rP-z82nUCntL`wJDO)90kp`QFp#kg%*Ul;P- zk`6ffXnBbjMU>>Dj*6m>=>n zmpEKDd!u~G)^Vg_3{-Fk%iNQVr_@YQwjsm`nyGyX4{5BWe`nz-Mfr?KW&RN)qY3@M z3=|bZC1>DRzTagD_heJ4aTI(NwOD5)LQuC@aRVS!bn1mHQbIVZ_HRcfOIR2?BF95g zBUvDfB(ScArjUZ@MHmv!RY_0}U5Y&r{GMehVn~xYJIQsZK<_21MJ&{s)0AztykbyA zY@KyM3Tu6&9Wae~R}-xF%tH9MnJS(Nl11nvnlUCRaW}^?Cz6d`>iF3@N$TS-_=4(t z_E_ZX;-QI2;Sl@AE?JEpa7JaHYDdWK4j9%6{x#(ia;*Nld;g2lJy#9znW=QO`huz3IrDqM@>$5bst zB@w0ZtC$U=AE-c9f$`Y}4*lx_R#-}5hf|3p`W3aFcV8_;&4U~C*lO?oN0t4BC3d2nvsx1a68jJ zsObwI>!`i_Ksg+m(z}y-;^i+@3fvl>0g(?WY)4V>HD*L&!zCk|1y9f&jsBW(e78k1 zc{EvMg!4VtB2JKQY{hh|Ldn&QK4#s}jWliTUhWczW5dr05t0mf2@)!nuzasrw5KX*!22MXo@2O6 zpj*(}iSxXtsw}r5KanKQ`#MmL=kM()#nX(f1g7y5uu2ZfVwK#uh}lA4Q@Nz6#1!n@ znBCLE*~D~o5S!%K?P3!PdOJ4Bd#bXD4f%=KB=74$Hp$;RkWD<8$12{EJyI-|T+QhM z&JN0Mlzegkx~C0VOoDoM{aONg4K0dSAJSxRF0B~iIgkEy^)?s(UzDMn=d^Vn(&V@@ zY)>KhJ&j43BRhHpbk3v#Jn5MI(#~0@_mCz%^KPejBt5y#Sx3U^oOBWf%EP=b)WaMM zaQu~a7_qLqO8-GrYJ?%1;w;#dRYrvIKP3zNboJJA568=Qc+0xBguF!J=Oqo7>XHS` zTk=ig(#^E0EIVwjzO*xI^#|0j)VpGqQhOXl(rQ%w!kfb6crWP)59dx`^%=@SXD-yc_LkTr;p!bu^Cgs71XE1ca7 z%v*DkB`WG&m0}l}wCDxJ>Kf;eC5h}+k5_heqwUk@uvXwwkS;z}mxAb`5V`~!q8yQg ztryEGBGp8Mt-?|2Ez`Lb5-}sL!76tpYD>mswAHL)*@0~Cp`UO}Bg5(72AP*mkeLyd zS?Rpc>3mKTDmD$P;00Wa#fv5(OSs4|O$5r;5WIN*J|pvAis<)!z6L$YKtlIImV_h~ zyvM^OiPmsQ6nRi#q@MIZ7fCl|Q8!@`={+-jb#W4PaUy8f{Gx?)oYI7-OZgq#rJ8JI zt^$acuH*QM#WbwAvzPO?Ok64NtVZ*5)rDFS5&}v!hzj(~-mOkm=5u5hRM{Qkm+z1%=`1GPx=uVhr@Z_5AbL_eo@0IJj<<2Vn=S=j8XyCj#+Gvw3%b7-5kI* z7VtefZtAR&hx(pxc&L9m8sO7e6rB0?pBlpELy2V zJ;`@gblbGl#;j7UvrS?2S~2o_vdK4}wKn=jf%rz_l^)&-^bYH6nJ4P-t7RMyp zLCP(y8_g~7N3G(N7I1AS7o|IUrV?Jfdgs=u_F6&gUBJ0&{J@9q5 zATHu%vyETj8q5mY%hX;lkh&u7*(| zv2-VuCBhY{^-Olo-m8b5vkuhf?40OJ#LqfG=eJ)@I-KAvToRtoi`jTXFW%nBS&_rx zC%H{&Qm$0BPt^@t;SI_NXYm6;36B}OU#BLr&k}XW!HQ~dBG#$q-YDS>hNxbvFHDw! zV5oBuuel)E_cY_8gXkQ>EN}B|1O!?dmQktc&r~d5sg_M|Nfo6qQA$et*RN@E&)p_K zPpf}*Ojs4F(oqI?e7Cq`=pb)Xztz<{CNx>}bX=f|Q*{hRPIXr|>^)PFbGXBJNzBj3 zdW=m`qBoc(&3Jq0wq`Wlz+omME6&jQF}nTlGxYBE0s+VnH}8FSjIPdaZhn4ohQ9gr zSL9vmV)KyW_uFsZpo^jbd`R-}ea2R2=7xCBGjjpI*VMatc$>y9JAot*kc6V&Z)~%O z*$l_td>zMfapY$C7Ii@qK{EomU zjH9TlyYC7HkrN`qE@04oq+$twcCo^{cbt#ZEZzn>|6HWf+bxTu{u{PdHH&kpBN)1K zh>N?t%UZNf&((PxvquxFgpe-zAXg+6#cNuG0xY`C`PML-J!`tnpDw*=x5;0u`o^U< zjMr-R*LQlEk^yyNveVHl8n*Q_SC}T>7&xAdswW?5zvFxQfkba;6vgBbXM{JnA-T}b zuW-i6CU?45@?HIEa~B8sggG^pp=P44rlKr&N}AS=@^NuutW>sU#N z(jZIT`@g^+WxE)dwM#zWRT>j7W+9HjK$c72h`egpK=W^kd7j|c+#PIbnm?M7L9Sr0 z=SjfV_oS{sQ9wVJz~zxNdlDv)6wxNn{@XvHzzc?5f1i#_{)|fw8hxfX-=xq$>-^xg zmJ^h#&A0=4g`;wN_X@4|?p1#&iu!Ib0qnLaZ^xv}=AGn1N}rD4w%H5EBBpg5R?V_N zZHg6Z<6l@3)P}sv2r30il^R{orTMdi?6rr3hQyK^ zD%%3)9zBP-W*%F20@U|~bR%z_HThFvIYa{-jT1yL-{|x#FsJ0wK#!1T@$UNdjcmH+ z#LD5419=ycd8)5+*`x(gv=`D?c4h-3VraYQ0eb zbGRX18C(ry;r1Mi8jHw{xl7s+YS8%#TiJb&G!h$3yWLxpI1$Da!j_GUU+Tui_fbkR z&XS&P+*J_w>#)|zt`!hWhW>Ce8%?57Fc}Pk;b71o;b=0Lj{1Q=9uEBeh>Su$#oI}Xw5hwagGn98pka-co#knVinW)2K`SYuvF3OIT zC7>D*nzJk3CCDX44db- zfSAE#(Qd&y>GRYdEIeH3hNSv*Rx)g`RoG4&$dZm1$mHp;Af#^Dk&~vNn zV^~QFXtIuD>5tVfT$3&Hip(0z>oK2JcyM8|R7s z^VQV}N*}@#L{_QTyr9{Mb|g=Vq?D7QwwBZ*Y8#;$&lOHhgw3U&Uh2ne4u>pFp3^En zn6wq@zmN2^2c-yAS3;|eYTI4mv~Jj2%CDfKrnyS4H)3x$2EVs(1*YlhN#2Js6qh-; z!h-g1!4UR%KI2Sy3V?*_OrcinrDo$N-Jfg^ggt0OP>JrIuI8(E_iWT)^DiO~dof5Z zlGMyjQ_Bq9$jPMmD*p&s1-CmuFw#I$+Abvlmqrq$ri)dmcW<2B6h zof+bt8;^#CVgkLDbpj|Hv`X?$I1yJ?o%n_|d2RyiV650h<<+iqxMYuss%{Mz<~4Su zl=0roe^cBf{(06wfnUz38i(IyK{RytWv>eh;V)r%Sm^xjtHkQ7yjXGudGaNrEYyPx zOh)ld2P%t4$Y5NA^~mZvOPQUn*)^cdOuTw*V`s{2Lfil@Ym3YSnP7Ijsq~mn~iC z_jfkm_!4Ijm}`zy=9#O;oim+C&s@Hm*8(inO6Q-XJD{(KW_8`6u=Q3XqU*+BpV?>E zEd)cIH)O@KO{d^DjKnIPbM*ZB{7rX;!+R2`@a2XJvO2cCXqY=4Dls6JSRnb9-Wgy~ zLlj2i$>~3cN!o9UOG*HDH}oGw;rJckqKsmGhvo!Bwc~}H0yv1N&o6G+8Um8s>|Y`X zGC}e%0780Hnxb|51X;OH0=1rVkXB@sGF7BO)2*rRrWrI7^#x5Mp!&s5qPjfToon}n ztzC`om%n%oqF?gFXKUwy@-J}Svvu+>vf?$eU+UC<@{yD$JV%nU=zRBS!g8yYrwC1z zoRmecT?hOml=4x%+FOU8_On3TxCDKHB>st6N2@(}x?Q$fnuA1{Bs=c^UBxY13ctv|f``vvt z!LMaU1Vb+$!SEQdDx#%!dY;N{TUvfPDj&l7~wDsrom*~pZ0No zKA%TEp5ZVev-*+t8d7;?L`E5`plyk=x+R+tr(ts?pH`-?+ubL2EHJ+ZC8m}R92m*< zpY?l8A4ozt?@Gss!e3B6Z=H4(Y9`nWUp&*?h45?hJZ-?d0gh+3#2P$4P?J=7!Yb}U zb$$coOVIFoDmLcw9|Kj9t*N`6B@I1;3FLK>4hEX*zvkuCyujWIS00+AxSG=SQdzx!st| z>t1d#C2c@04astu%$gZl>fwMYN#?~}9o9RkS4Zl5gTj)W`hGACM`RdGPoqJ9Gzj|R zc^LZP)Q@ICFq@8pD4P3t5ca43crqT(hvOiaO#B(avuNJmg^;l$vl({stqFc0eIECk z#p?Kq_5C}VMCLTDgyn_Bv+W*j-N&@MX@aNw`UJ4su+`7D`o!mTcY06gp8&Ri*CO-x zkg0>xdkz$@;n_Ci_*&nH+fY?1ictPoZ0QZtbx%r>b|u{f<+ zPxMvh>o`JiUJz0b9w?{!AUaMqGZt-B=VlhI9e!Phb53KeL$?&~y!*8ScO_h9^nu1? zL0<9@$H0M|Gg!JO9lNHEoY{JDo|8^$-jDLv%uePtW8(WfY-`H@+IOC+-wug$HJoiT zhk5rZMPN*)T|v{l-KP~IFvpT@L|s(^%JyVkT;}7ff_ma?dS^eX%=KPmzOfHj(`3%F zl@e|>LMxzcsk{^--9}}A-j?9%Ecq6Y35&>;iTeLW{&9P8bqCXZ_wL2jorjc9 zCx6i1U5XzQgwgHARn7?V>4J!2rP4%@Os=1I*RSCztZS>f)V4thoGpmh#ks}(CRY23 z8y(U4oMa{O1O$LviiNs##8jPvC*UyN6#(zx42G%St=&bNzl?a&8AFBWw|vOTe&AgS zfMF8gY_`^ixF-183F673Hm^W&vpJGVPFq^*#<j3FTpgyloXq{m6xL>OKU$XL$*T<6mk6T1kI!L0l=CWwQ+;iCAd25hg-kxKaF4w!pvP zc5g`cmS4f}m{B1};(dm(cY`gXcUDllOd_eC2wJko{fAeqALAKDO=VHzi6S3p1GC5^+ubk84T@!WQuMEe3t|KZgKa6*$Gw&J8*LIHm}~&P)E^m^s`cb z_slMkduNr9rAb5|Xtc($bV=@&>>{cn4Hr1S$1lIuVrwA#XPS{8;PQ(tk?b<4cA@N| zqvlw4rH@^~Z0nw*UjFLNP8&L^2ebpv_xgT6@TbAh#I*;L>2xrh;_1wvhU3%ed>)eF z2oFONkuaPLMtDA)&%&u6kUDc zVQyr3R8em|NM&qo0POvHf7>>)IE?piy$T#T`>oxtNs+o*I@_Lg?X=BrbMdjA^mk5o zp9CTy32TaA2}+JO$@AKu53U5SqAc5Ocg@dkW0AmMFaQQKgTYKhXflrx{Wa*EEnuA3 z8@LRg@F8bBnH`h{VYRwAtr&v6u%FI43bi zbOJuN006)OK1|>gQdBHGkD-qy;B5;=_#KKVCgB9EyDb<+`ls8sUE68-C_UO zoruJ?7m$@di%FQ+Axb(?O#GFXSOJ+6+6nM9hVjNyp!jP$3g@jGw7Dg*&k3L#O8=z4 z1}zKtlG+wvzi(Dkq-pu}ci+0UJG33k`MR})I7}c8QOx0?CB(r5;BZF%QlOlm_I12M zoHfuE0IN8tB(*4>GL#l2tJo6*r>flE-r8viJ{?-gCPEVcqbR^0pNTC!WJBAr-9hWO zUL^m*Pl5jj#JjoYHn#A8r{|6e{D0Vg;{T8FJOqcub3~H~pbOX?3@0PH5QHWxgAb$ed zU8n0>u50z2YuA}Lr_l4!6t!9& z36q!v0g4%V2f(tx6-q#|Kp_1DnDAip@9$uMeL%QmM*)lx@KF?y%@T#lG4LT;l8~YV zkQmSeCTO+_DB{?2`6K&|H}`tAoT3Bis|3b#lw71AS_cQ<`px;93HSkjA*1|T@$!3KN~0DL|Ei=vtMHWm7!y{|X|>iQSS`_60P*q~Eu#P? zh-2K?31_jzqG;s z0Y0YWHvCU1btE_d(fmE8Y=7STC-8~nPBcI$0s~RbCm|AlMf3OmY8e6REvRHb;L8_a z`Q_gYb_2cx9e*llNITEIKRx^F+l%+FPhUO%&&T8orR!fZ@cYsPx2=DtH_YjOgJJh+ z{Xfdn`t+%=al;^ByY-hZzlRO#>3Ptnbo~pV@X^-)$jRG(2g7dfY5hOOQ@Z~P0l#GP zFJTr%DgVot761X9qCoEcpFUZIYT`R9{uzWg^qG3!7gcl81FL(- zI!;A9(XOrBdHhS)zcde6c|CxMdUxOo+w8xiQEvTryH5Y<{O3^~zBXsvJeW?y5_=Fh zGQQ)F{H##ggTN86zIveYZdi)3~1Od2^S--1K7 zP&lqf~8Ft9af}0 z0Y>31R>JFPn|JM%`s39{QUdIptTy@5VSI-6&p}iS@S6~X{L{!r-xN`&0TGpN7?N@ z`_!6e)oNNUVd!V)VVhe!#GHDcF>s_6h1LBPS%v92fk{6(BZa?{G|?7kiz_DM*GNsO0AS<-&`WQcgS`OOgZOd8#hJf5O{QR|!kw{-yC!5EVj1uxE@)0Q2@ z*tqO94MHP82oiLMRAA{L|fw1@5Hud`v3iO z`ufM`FW>xVFa3LMqkjGO2fc#*x7Qs#>3@&%9DuV04Cg2y^FL4H?^>F#)s!E)>HcK5>DDZ$${@jj`?8;}r~?y|N0aO(Qu?9-2NNjDs`8@)m| zrmJPdP^SRSAr9G2PdA|_cHZrSGOp>%c%QC}id`8u=t*WcXw{nPoitn9YEAV{`t@sS zR6~Yl%eR6I!y*|*CKi}#nXev|XNmCPj9;lYj_9&G7wucpJjeLCDN zcDQGDcv!bs>oBg{s`lHdiWqn6F)kmXelsle5cRuTHs`v%VV@3{?Qo?X&M^|nIRIu_ z)pZ@}b=%sVceR1tEt_3V9qKV!k~IQLJdcGwDR1?KbAFZqDP1j*ar6c-1rSVQ1aDXw zj|;t3J>>{h^ptD7D$>Etj9W>bVgbcC)tev_}RLwO0ZJ$m!#ZI{OohV;gy=I$^ zURu3j_0r;a)pU4|`RUs3NwLRHX^($EFkv0$^V67s2>~mLv`;#BN@r8m3lI!fk)%g6 zJu0QgppG64?Mi~Mk9$#Ml&1)TSU(9O6jMwS6naSao6&$SVGw}nYCgjs5f!B9HWMv1 zDZ1mMqugR)paq+NF^2xMmQq#Xo%pyHrG_PxG9^5>U!asA1dPcl^ttmslkj3RgI=Q6 zj=SU9afh5ha$d#>fK&D-^w%)-kk7b3YeW!#N7!8fn~y12MIenOAmQz}g?76fUOCg) zQCaQ@W!c<4XcXWCtb8&15-$>$EhPA6oG}IOZdrp>Lbv$1*UTD}%q&yxcALuG&W;1* zbdO3I9@jDx0&wW9rZAnWJJQs3^FwwT1mqUb2zrRJsT#p#AqULaak4tKn}}O&=@K9J z8nAxJfSHyqr_y+m9kA|rw@!D*!#qVxq(6BN3HWG+LvcTh#epTsE;^SWZ>X!7YSK2Q<{xRam@JS4D$Puo^ zy;^Q{_b~kN+6Bqg%^LnnaDP=4f*_zM;upG2NtXAnwqw<@th9qvu@Th=!~{6 zO3wHeC|H6R1qf0p#&pNKNp#)uHi@oU#C7+uEVA0;5;8bDl7aVmw3|(%JF2m1aKvi5 zd}jkBt6UK3-HZWpuW{dP$Lo&M9ZxrQg_lu)XB#e;%|v7RMzbkPa~V2&OH*KRvYQay zJsB6ab&Uj*La)RILA9jV9q%~S<1J%dr?Bj$uau}OrncfVkd&&%dbpcF+8x%M-f&cF zXt0+iQlf~AcBFym@QzGvxP__JNyvK%$R+ZzDIPoS9)rHy@j`c4bG*P&t)anQGG~d% zIoOc~qQlK3pR~ih`VQAgk9!G^C9-2GIyzRj$_zS>$tq%eb%`nE*9%ApcnCCu@lrr$ zW{|6z4%Ug0dr6TcLS(PBgS*e_{*EiVzh!0DiKF{TqeU8Y8_}Q`Y+&N{ZO3+ixK0X0 z{30f*4oAJwtUr{L*>U>!w@m+9d3GPllu5IVD8r`%Z$KH)5(3sIcF%SPk_J0&_I<}R zR4J4`Z0r8lqb<_SFQgK3N*Y&VDiSUYurdILP zMwbvEB3bfY^L}Oz+r*6^Q2!|)Wc*(7FMfoTx(EbhF1x>*_~(v# zrgTyxTJ>a~c2g%^?yXj}U`9Iv8}$ojpFFYp$KcfW!D$qMc?^9)uJj^yLh@&R?vAcp zu5jhzNLGP9LkCF>k3hhfM}QT7D5t^<%|SAQVe7_?&_Y@a96SN>K650 z{M8+oENZ88Q5&LH6r(l2pdhvsagq)~lBiuO*nlbGgBC>rMwRCu0)?91xpy|W^4cfG z-nrunmZilp9~e=)`L=A>KE;IJaeznN{At(~37AO43xF8SVa(?^{`lUAiz+F~Z@;py z$pVS1r{WwL&W)2ZYD?61JE(I(<`}6)63qbX+{Up=^b~2?w0Mo(jh>6 z+^f^wl1`i2J$DGHL9NQb+S}`*Pp{;nPcM7XXFFP)7U-pi>SL&0jkUSAkF~jLcgxt4 z(+n+My8Ffsl&Tjk{!3kk)T_1Q?0wtO|@?Erdrp$spgE!ZmpDcczm*x zcii}-#yPHAbEmDl&z-hz@lIRUywk?I+bejS`#wM0{_*V#ZvT6C@mj^k;l~(308XQb zuj}z>HzJI-5TT0UcK5mG)-Af#bj@pS86s4Ud5%b@z90(!OBOH zRy!?_@u+rvR6E*q_i?o87F{>GrlSp`m3vfuXbhuBo`?dP#5kPS^`LsR_we%Q7I*!w z>E)5>fgbI*RExU+hcrRZ2V@3lLcAOEv|ERWMX(-oN74p1|3gr2>eUQ(|t{h%H@^ZqnO0nz!A7ZXnkGPK_ zAHAK9zsCc&aJb8ua*XEaqsSO0PT09)hRoRt&Mw}HoMET0_?ZA(Xi#ltyLsx3dxQLH zicth{41U@~D8_PI;5)(+(#__&;QsR^`G*8Jj!z*ll`ouo6Q@MKT#}K{xL)zcaBL2Ajty7BIv}68Q72& z2odt-HpI&DoPpf?LYL+eFbT7+l*b?v{$G5@=7m==XurfEkIupCya*E%hcE~>ZSd;~ zdp8!3M-ApH?4wCbv4V8{^K8;f7_MN@`EOp~idFbi*ZGlEp&hqx1)>FuvkKM8QDzk2@o>%Uvf|J)t*x=-u>F`fgq&O{=5E+?58@mp!?cbQL> z;&~_*{8Z0jM%} zgz{LyTqSnvn{TdlJ+=fHOr6f&2UBrFaTU=dMsNvakX8{6DBLL59v<_KXKLke=z^>Q zpLHjOm?9tivOqD~MbZe-ZO2;>LebGT-|(!PS6qeyXT;}H-Jcb#lH~W_@d}sd*A2|)N6T&D5yKZDmIT)T=I|GD+qGM>+wf7oBG&lO3%!Dl6P zeili+!Drt33o#(d^@-1oR_mImkxKc0p5p^=fxH{e=6^AmGvKT_CHD^8-04{;g}|N%K}$?B_i<4&-eycK|X3(;4DSy98-_Pep=cWFYNielf0uB*FXJyoy4pX zYZ5^43tuI7Tu(fS$7v9NOFUmB6kH;T;x+Pt1+Ete80<-U$2|%ByFSML&seS{JqYhr z2-vd!4;{Ck+yDDr_bLDTqdaU!5y>uoV#6;oVq|uHCiKR531b{=L{NBsU1$|W!6wHz z8Hcf3KapFsM)5JYMKUOhD68$^kczDy#=P2d?ghTj*mw|9vzVD9Ackq3oD&)VQ0z>#{*L#DL{&j z#hWF9A$tiE-W{_^BkMXv-25i;!SiiY2peYc=|*+K7E$%{=!07v1YC;JI)-e5H}9i0 zh6xh;SH2~?^*?0A0UU#c8jdLfTm_MV=u-SsyQ#1AlMLESB4X7k+fMjrS&ykXs*W*i zVrx@V=`;8%V#3MwCSt;gnr`f`)TdjCDn%K^%7`$n&qjuQTjk*gp8*aT$PexZCI*$} z?FWU*#q{kdpdJIXH4A(JW+q9$PAd;SOCvvn9O8h%ZkV6Gz6GB2z6$#G#QF8WjimfJ z0`HRFKi>vTVwj-$CWCc51EQ_k5HnF#1v+cJ0`UWhnLw;=<{t}drnwR?kryL|)uCK$ zN5ZO^=_rSDCCB0ll>&MbatRIj8h zs=|J1SKwM%8WYCn?X&4b;>_$~2$W@Y`wXUp1Ple9?w>U+%dW4Zz&4UQW%1pbOuZ7) z+pFi74Pcq6+)Y?I7r$MXtKBwpK-o7aH`@%Wy!tcE%d~H6GG|t{gLg`#|F`n2Q-4#b z^tYgT7iu&k!tbf)`P^Mb>uIS%3b;(U7qizSxrh-(VUn*CoBFj;r|9yRubIGkwu;Ly z(f@@mV0SQ_O#K;}y4~qub^_6fkNla}osGPydjg#)?4OJWW3TT+&vVD_XxJThVRts0 z`3{^y&qq^~Hdj25wD~FFk35`-=G=}^LEvm;88y&M5KUr2l6IkdCUIM?Mp@~LO8Bhh zvKmItxk~sn-&dKC?2?e=2OJ=}p$S@6ayA*_&|X3u+C1uK`e#b4LBH4CS|x$;93>ak z6-C~zvjF1dwMwpP`%{@;(>HKry71O&I#*kkJe}&f_@q2PJ@t>F|7Y*g-eVi}`hR!O zck=n)`n}Q9`QM{F2jGR+b3gIuSM*CuPlHJd01K>Pj2X9@@DRx`;JF2P*$HT$Y44L4 zY|j%(4S8yB@sS@aB5=WLg6~&JLPD8o)?1*Z&PprNa{Jgz%eW>?)E3-) z5wbB&%ujSdZr{_@R8Q6ScvhZ|G&7ma$Lt@&p^&&WJ5Qu>o<_*yp)i>OM`rx+Dj<+s z#DpH!E&x)bI#gsjGU;@^iBPdl8Kq2mNteOmXHB$>Mp;rY7DrBg3E9Mh!c`%&Zb~|y z+qa#no@GrGsd&DndTc%N|WlC4Bo;&BV^krqq zZ8HXkN!@gDcby_;=aoI?QP+?(zFf(+A7l+>tx^xQijqH;C*ZF*2(x6}`Jk zPM6;g>CwI-;}YVqL|l9Yaj06U7Rs*|2wdhwLicj@+R@dCL34QZC;<7MGKF_s6Ou=i}gJY3@1OXC*mjwFX!+^23 z_+eJ!_U%DDOB_zX*m0a@rQyd37!C%#!A^si9xv@MjMuyp*uE)?rzm(~dF|rxKaMh6 zak@dXU#F1>CyhzSB`{DexR}qwjYxLeE*Fgv*YtK5komqU)I=$(Rg1^jJ+gE!+`8wL z?`>v>7KA1eb%Q#MIwc;}wVw!0ETjD48Cl9e;r`LR*=~yxwN|dHDKeAK3K?Oxl`I6J}A`LvcuZqOf(2@~3|2~U_B52mwNn$BC zlfcg`Mx|}qcT|BY4>n4bhx$X9Y{#CbM=iA2!D>Xe%{4_JIpZp1$I5;+I113bRaz`d z#z!HM86~y@@{=VaS}kkf7@UTiWWm;(xFeS=V93MBd*U)mjNlE3Nf1n-ck>?)b3DLz z)r)s$Wo)~N)v^{qkr=FZhoVk}SdoH`)?PE9ykN>f3_5=gDfaT}dY*$`z+_Q5*s8#` zQRe;_m^~a0zyG~*60kB+v4opVq=GK-Tauyiq%QM>*^L*lhx>lM_ZBdw6Y%x_^S937FVOnusrA2(HMZYdfB(OS zf204Ed-eHmo&P#I`oGV-8^YP*SqqFrl*3u zoo!s<6BxJv}teNw-D-l^V=Ca6s*4N_rre6t!sd^%5Ot^BRoze&Ss&9lR*oINO>>a z9aev8h&0$pX0_d258>2!OQkPS38miBthuFVGhiiNoHNmw-@v9QW>9s81eoe4%~(TT z=}(pW;YoELxW98%C-}$8Ua(H^k$7=#Tw#9j?l`5LnN{{=wxt_w-4Ag`OkQp$w;?!v z`BF(?4OPRP2Z3Mn)r7GmUr>R z&6`e|&1vs8w#I+zIXVCDp*wJ%{J$ULff1JBLMC9{ZNVtgKe?4PX=T>j537&|iU9$h z#xUOKEScgeNozrtXaX7pdq`r0I!j0s6lW)13wx{~1p=;N0%K|mP;4*unAj609O|kw z8ulG$G#IpQ(B_uJKAp5IkT%w`6s8t`(Xv#omz&iT>8^gAhFST#rDMv(92ig~wZYG_F*+{*CMC`?gWL{#~cr z9p>+U4Eyd={HI5G4uB!{2gRbig`#q;SK*NDMoWh|4$Gs66_uR2Ro%V;_?zq<& zgJ=~5AX1WBdc|}C%xk4g@USfKGmg=ZD;WE`lKK|MXwE8D6FY@nM(6p$i)~CgHz(AB ziN*MIM+0pD&ZP9(`zi132r? zrry|bQP1_qomzsSjfPXy_nP3a6Ro3|EE9->T}iF#Ra06+t|PRu;i>Z5VP&Y? zwR`Dx;j!bmV{d@^?)b#-bq77SJDho*bleM(DnV91AAU~>X@l9YPI{7>@g0I@=gK2LtIO%uMcr-W}H)y+>rb2m<)bxli zZs*3k(lf1DO;J|HlHeOoS))oLh?$Aov)yhwbGs*l9z2=){s}_<*mK5H&+kuN$C-}( z{uFf`uiu3|XEYuAt~Z6qgDsruimrWUJm`)4a5{x(?2OR3KXqr_ncqcS9}T_!tn0XNFddJa{$SMW_In;Y zK~s0=Pft95Ix1zjnWlH+wrR}mUHPr9S;KKt=w;+B9{V)`V$$}0V>2{ry(xKH;tps^ z7nA@P0{pSALfRCzgwuAmbQND!Wqi>J{I1Mne^4t$t|tZF+g^7 zTPVlLkktFtyMPrH_U+Rhn>9O9 z9==N~d4Bs*Tvx1`K=~+9yy!heiqf#|BU%&(RuM6(1vLI_X=MU)31h78e$zl)yq58M z7ce|pm^f!*f90w+2xG=8=wF&!Yz?r+N4*%QZ323&7S3!Jf~lsvLUxPDmP#3a_I)Kw zmYba7g*rqY4E;lTq*<`q-?Z~fOBUiQst5wcb6QiGedaY=4cS*j{8mK#(-Ia{vY1Pk za_hiotVs)e<(49tWd*Y4%Pf~^j#fE?$v`zwIrV)2!A~T{|0Mj}=7RX(bd?b5!2rcM zVdT#~rhIq$t_5Wo9P-JbcP(}BES$0@Y}%wNM)Jlb4lgx}0tcK+E#b%PJMJ?spqyR2 zeVgC_|C3Yl0>vH*6E>$=!IQL{@MftkDtaw1;Yv?h=y_xnCY6GhEOsi2<>W4mD7al9 z5%6Do=Sz@A)NH{t{T2Y~TC$W4Bs62D@QgIRz6_9qS+cPy7}pCaph(#!kBtauDfsD& z8IKE2kqG=Pc{-+C>^KG@2MiD3k3uB;e?=yAQ)mL}=CHQ#w%b_}LvR+XXoBKP5(qAD z{Qe$?J`U%Vgpa4t)8rOzv6M+Mauy1w(FX7f)6?7)Pm7D!0Kvv9{beqn%Dud@c7Yi* z#zJ)@3s1h?6{(aeMObwxUamO#%Q_jePnimguh7->AIM9nn#e^Q#8lKd%{Z%{lC@qf z`4tK@OoN4`*K$MQpD#n#sr@32&1%GnVSVd`{Lbi z{2ANtTPmZ*Cj>+!S_Og+hzN*jS^+5qZpcbSx?sceJp%9+a_J6oiIpN#USuo_gCQJPr0Nb`(C|vU%@EF4qC((ULQO5j5SY&lq zGaQY;Fy_61B4i+PGfAq)CT9JWMcQ%%h4=dUha zo?btH|L*kV+vgL|F6pMI*=|+i&hb8EYg{66#4$Q2x8W^}eQ10xiR7sbh?)rAE~fSM{uj_!bUlBwmWLEi(Y9?(6F}=g;52 zK7I9kB2~f}MuC5cX6mCiC)2o*B7WJRqM zkt*ouBO6eha6f-OhvkLumU^MI7VbSHgdF4En32(t^D3qShEy?J0zSxX?FSswge{q$ zMBNW91Bh|K%d%8xZ_a<(X7x6}vrOBVii(`QwJTaGtHq=^yQLB3)HACqMNQsd1?R7? z^hNk%ZID#*Ug(pAN|ptdaKrQ81#1LC8W3``id51V5{mS6X=)Y*brn&Li`c2z)Ysfk zxHE~V$y<@GOv=H@ZA;No7_q4|xljaSZ-LBhM{L#|xlwbprRd6#CbM!L%_q8)GALuu zzx)!T+27MV93@P{BcX?)gmzRtE7TVQJ2JtS$w#Oq3w92~zJtTLl`N2Yebf@$!7c!s=<7oe)1=>n!T zLK@$B?xzqZI)D@9LNkDrJ4iD=5pRUos12S&Z;>snblnA9BY+vZxDCM#;!+(`Omi^U zCm}8PC_(WOhoTE4_EBt$EE8HR;i<9Y0HbtqK#tW*2?|6d zc(XF)PykRk7^YC;f@_cg+Y+*D_WUDbz!qACi~@~CYQXbFzX-l&)6C%|wZ4qL05mKg_)S28Qd9!MUYPJL=vseo4 z6#3wTq9h*)ne#=ou^@p@6-0SVrZ%Ed*i|zJaLkoQHHQR)a}>bM74k^v(+P0Z#Q>fj z*Dt5;KT{RgA6|F`^7%_9eBo`w-u0uIpu1KH2r>2bt{}`qOmZWx8j{ zcF*&@9Qf~T!e5C!Vdv>C_mc9-PEDZqJk=%ar-{DHL^p|c&(pjN^nFb7{A5;P<_-=- zCNPm?jH&iKE$R|}#LLx^VKw-s=X~o99Hu6*x_lb({E(|i1%Jf}Ulp``MO81Hq0?#! zi4|tfXtSa?A6u9h!5De2vV<6Kvcmb-6c}K^5>X20+M)(-W1J)?v{iFLPOK9Xb+$6& zqXi?}QIUi#eG90=M98(r*FdNaZKV5zY!VKDYtC=TxA2tVLH=3_|pGC$34yD?921jlFuy#Io^h-qS;IDwg6En_ zIZsJj!u;2u5rYSDsCQ;SjHeq6s8JV`Sd_A&t?Vchez=4mZQ)6r7F!sS0q2f9Nl?6! zAyqJ?jI_%^gxupXtwZ8uk}Jz2bE?p_w((775I0YgKQO8M!?F1Hiv4kYb|J-%x91lh z%<4jbXP=}fAHmxYK&B6*em0>G<|s+|q>2#<-d?`sUpZGzk0p%W3xs7r*=(1zSu^E` zX+pJ}t|ZRvGVGK0T4%pC&L#L4J3G1`QqUjRh)ExHP%7e>ynz(fW zo<43R$}Jm)+A9YvvF``BFh(Xlf50D+|B8J<{8Ir>KDWtC)D~qFk4a*PX86YZa&tn( z0dWL9q+BQADj{rh_n=U=`0+RQDWd>}hM1N5BbhK66M#{Km_Eng^CT^z>9j5FK9trJ zA7y(NIvKpCYc>nK!ZlqNhZIHJ+43lZ4#SbGWF7!{CcjjzqtLfjDk{+|Pg}`REVdSL zXiXu-oN|z-07Arp!OeJ zS-594Ln)DxpxiyF38OmzmjXC7omhC-i!m=?0@RL4Z9Y(P2o4T%JL7`TB;6Iw9fp5N z7pXw~CqnuC0FG4lj9KlM5u_9u@(+VE5&Nwr{o(9@crZ=gP(Uhz$s$FH0Z64$_Q?!o zq%gaH$-)NBPy*U=-O0QY7DT>R_)L0b0-h0L1bp``aBa75IR!}9TyMYN*Y`3X4I@sW zCADc~j5lKU)26j_DwM>56&_-ZA#(w_8Dv9!$%#|fFR${`#RlJ#WFg)6xR)ejk78!A z5r|^KU0Pvwbi{Zh0X4XRb`BKNH#2LjB%lUH%86e(?{X~ya(^OyW{};}JQOE*#;wDe z$pC(r81GD?Zt}Ws(91po{UC_&^1C%JF0E zYtHJif*EmRM#uzAVO%%U_MT-8$547vRX8A}_~;`x={Q@!HFIXo589|*dvx7+LYOUK z6`i(ZUfipY$uH$)C(FgVGdbn|1?|MT(}7-Cx&Bs(c;$HmWRb$T;soem{KxXopDvC; zwDyjHiU58r_qyYBwH@mq_-uNJBXZ*)AzGUn)r`cRzV{mOyUnaG2I+ssLBORRt}=xi z9grZF`nb^K7@XJoPMwDTGdCF|MC?=Iz@I1mP|8~NELIWNbUFXf`7=Z3J(;~v7U;dG z{@sUTSyZ}#vyxw1U(4N-nk`LNNp_Wp_pca6qCp)FpG(KmCD9l;X_Uh=6Kr}wEMwnu z{~3#ffi!F=huZ=}-qErl+N(EgsAMK*`Z`3)s51b#A%`M?nEtRfOTKmHF1 zbSLAufYC`Yv;>A!U6!yI7F3wVq3+rQTq5ZI9ODGNVWMl={p$q+P%uX_(>SVLu#E@N z^eCZ{HWdF8O~80O{t;{7!l*#F5+i0LW3uAj!@D!Eibx1PESNC13fbVoAow5|7b}>* zeSD_%61DlLnZX8Q0b?ewB)15K00yQTd&{8mE=1OpDWRqu=2G%hCPU8{EfR`td59R4Kv@mVUenpXNpLd7-0G$jkO*24Jd@ zE@fbh{f1uUK&u~mR?70xdduKvQpQQ8mFfOmB9;~fR;H-%+4@jKP8T1o4Z&6&FLGrh zN^`$RUw&^vZbK0WVzDG*I#84tNn#3$V~I8`<@ScUw05{>!}394{vki_+ij)>FE{6A zf3D0c@Tw}$od|uOsSzS^zjRkm;*HeGv$!g(*gzR4RzC4o{OYVQiIG?tLb5a#XDaP> zrEbp2v4du=&hm>>R^})E?Pjj9_%xWn$~3g^1QtEM|7on?K27G|Y%4HItC@C&W$_Pe>NEQLa0b6~Zl)3@IWZFNB*+MP+{&|uEkf}YVRI0_SO+raDB3za z(XVu(AYq{BcOB!Cu);4lmWr}bF|X9IRgpI!2>WDX){GB~D+9gO$nXW`P^DneeQ9`tS*8pPc2!;`#47%Z;Urw6>VM zjX>2ZSDHQy{9t%m;Lyiw?5|+JM&?GC9gv6^LK7Hz$ZnNos+WyomunHV}F7((_QJe66BFE5>VWhEEpgO8mV;``sV0_?0>1 z@D>P0mV9S%CqGH`*KA%03p^vZM?#v!5c9C4J8fbjAQlei7FvsA_zt8L&qE$2gz3GV zgODdf5SOoxTI|vk?TV^!QYr3Lss=2|Td-1MFhQZJd8&iAE#b$j8+1DXf5u^g<|zJ- zPY+e`uWYUUS>zrRUv3vDd>c}jU^_?_si{46?T%*zgo$dx$M=<->pyfJ3$y z@EaZr#_*}|C88i+g-nGug0acCjsZ@R05Q-Skz+tt-hws$3Wt~tudNP+eWK5WRX>bs zt5Eb+P;o|rfZXzsw+A3#?BWp7ey zCW>pf&=FjmXqLG#!hFu zfrt$&PGBjZXpLeRu%%%!C72bZ+7VaBfAaZxzVvyh^|cZyJ||`z>GGDfhu6D{*RpvV zyhs`}4P-(9e$xeqGjc2~0%VndU&tzEN(Qi%&C zIXVYAUzfFx!g9lq5%RSKz&bLo2AQ%l>nG2&QI=&xI&>WCgl8lMX0EU_zqBZ5-o>fU zBqz#M-xie(rn;v%IPg)JU?@DOWFSIi*I|uaWiFueRcFB?4TC3F7d9vr<5t+U$!e~A zmzAuj%`8BdO&yhPa1dPG;>24RhehZkkMiuxAeHp}i;Hz%JF1m^9p-NHDz3=7VuWW? z6fDcXzir?_zE<9sA_$CFk@_;Eh$E*Wa|r)OWj~8TK(UWJ7#nf-QmYo%2r}j@sfn>( ziR=oDr^=%p?rg*{mg?R*V}wv)gMZHmXZ#TXI4~U&QMgV`B*k0?px{-QhSl~t;zh?# zsTT1WKGkbjXltVM4>-^c{lzoQ(nE|pS%EVL8S5xy|F;=|i7xnck;l?6XbiIivIG$}`k z6(`H_V7RFXU2DSEX3vLU6K3YUyKoDm{(~}&4DF0YWr7(l{{a}!IfnYq7t`1g^MMO zA{DSzEDLoJld+u$E_6mU9Mi;@Q-(c`!Vc$X_ zqoAL!ZHr*yQ^Et*t98bNM(!TVbvxPS4PsjQ4Weuwc}#>;;X;hoMQeE+o-0RJX&00W zlD#SKjfli6WP0>5;>kI%GW$j%k)Gzk2z!>bgTcUouy+-|Sy8gI)m0-2Z{Dkh-BHjPDL zv||)FICzk#6dZ7jW|O*v2X}}{k!isEkw&Qiy`k%j#5^!UE)?cLsG}F`FcDJAdetRr zu*)^-+|8`q9bCqVd~CL{n^D+^opA|UE^kiIl7 zg&bC)^Nr04l-k6 zhQ{+D)CdjyJ{L!t`ur}7BbOljp==BX2Q3**mZnE(ImrQ#!a|kqJp~k zC_*6<*)XCEl#K14rZCn8Hall|E={YbZXIdq%b$8N@@ZSmc`utPgvStqAwZCBB(vx9 zDkKS#S2EvTzPysD0gWAj4Z->MZ1S$+z&LQbL_VgwcPnPqn)QemecVnh*}V3ryLU@g zY}PSZ__4b7)zfp2Pr5EU89P!(r~l}@Pt&Mg5I;?#Y9~?9s13()oMFGu|8*QE|8KW9 z9DL>W-GSR1^}BBGE2rBVbw^(T=fQjb)mLAwXaeJ}oW0x1ckU1JeEQV+rp5OO9cY28 zE%I!18mv$h<4{ECSfu%MBO>BriK!s{sbnM~7^it*)8wjIiN$Vx)A{nH_34xLDQb%X z_9B99V0~d*H2aEYz+Lw^D))=z7R5-6O4lpp1%PiZGOdQz*?h~_a9 z-x)@qL5LZTPe7klRnh2qQ`fwAGCdyv8LXp-cGj*u-(uK)`c%>X)J=*hZ;}cC7`T@W zl%Op5tSuQPtvP^9+T;o-Mi~Q?D*>1}ma71yWefm42>>NA_DnLDPrCZF&59hBH0)f; z<8&p;%b%%YEt4EZEB!_^aJoh@oFk)=E!5qH5$h5Pee-8+4{H)m-?5X+^cK<{{cM0& zrmO0QB{_}y`?qGgzoVzg{ttto@m^o{Y}x;vLD$Ld|L$nmf7<^a<>C9k%=MeZn~12r zzPM!z13NbkaJ@K2+#tZTS8f^z#DT3&8#jea_*aSg#ZkAfECiL?KMVqM`|o@Mew3No zrGX!YzNyg2xYyrwOqn6KfAL(Ma>FWt8>6K>UQl98Ei|@du1tu3WY*GT{p(v3cjN+F z*1yZvd{+K0uz|`2tY=HrG8UoGjhK1RXd|=o zVi?X5c*ZImgJe! z3gPa=RTNI3v_W}5l5f|}KuU3xSiWa?vBnGdw#|xdL8VL|HBV}l!UOF$e1HYGHaPUL zm#|UP!vs$^#5X=66tn**uX~O??JiLeD|K0A;De(WH`^5hr zXtN1i6_V)oIKtX*nck!A{EqR<$Wn@}2=Z}zaQs0!TE z*w~2FB{CWAF~chp@;`7HRKwD|(R2l<5I~J0wz|?&ie?>>W*|-jk7_&(ER}I7Mk4Ut zPnaeo-pBwSh6-=AS5{U4*6Ff15qNEM*F`GlY2J-V9WmB>yPs1KW=x_d)ogWlN63w0gXtKXh=aUYg3|!~TG!J<5(AsA;yD8LDuio@12_$kCPAiwNr^~dR7%@l!jEs$ z_hRsC1>UBOnwfKas#kaocF8lx+El zfa1g!xAu&)pVBVX31Q{uLoLaxl2sfQ0>0&w)yl|kTliGE{8HBQO!AHwnoBVagAwKq z?8(}VKcz!cKtinXtlOem6#I-9lb!pvy**^;4am6CeZQ?_ z)RWBB@txZF^xzK6P58fdczhWDk6wS!&GUcPed7O*@^Jotg*+1aOky*ffSI(X1i64f zU*_sdazXSeS-#;Wn=uB+8^9&8l<=&=8em>l;356&GysLURaCJqu{ou6^!ZQ8qE0bP zV*%D;#=5K`;kEO4uA`906wZp$rRc4ruo+(YhzC26O;v49G*zP+YWYj&JD{ejHb+g> z*n-;kD;)T#f94WKCMsq2U*)`LZfy>z0Gj%{*E@}`y{rRz(MO#JDLM5#vI>)2*;(14 zP8p$Q0R384me0XSMkywFeB;|5#g_7BesOeAe(1A{wclu| zUD9sTvmZg(3cy@~a0fWHU zAKs;@Ztm3)R0z2xCSpDhbCzM#3e3O5Rl>uRaL*>g8Z1o6GT7!N3DEDzag-yTbs4Sj zY-;2%TGhhN{+oO?PYZAPHxc}Gg^C-Pv`aA-#S@U7OZ4iN{lA*}(ro>6*85QY zzumr5kpBn$r}h6RPr?49k}2KM-lGl4bq>HPNPAQNUlkeNumGu7IsZB}RV)1Ks&omJ=4`QN7CQU)l>K2$2}@j)BW#9c?|jA)US8e1G3HwMcZArge@~_*Xs=#6G5r| zpmyiN)>%*_j;b&T_m8z(Vob<2Qn1;S+IkvYyuN1zq|y3MeI@Rs18iCU{a)A2`~UU( zgQxZX7|$KzKU~S_aNiN2GA=o?$g{N;)#cLCUt(e8Q!%?UM!zz~k_{kXbmDhpLcXsE z5_N#@kr(|=gFs|r7wi)W;!Svt0`!29Ak3xIAQZ%kH+Qu|K!|419kxY`up<~Jm}ilZ zuuJ1T=u(v{XxL8uFtbjoPt1w~AyblVHCZI_#AoJn8B0kEb z=CfGcL(z0v#7J?_zC_UfImQWk!##YCz-RF5ikM+w(y;v*(Al*9>S0_P&QqLiivO8u zZ#*9Vh}&hYlsSG1Xu>?y28W=`Cy5PYdmfM}4BFsX!FTpw#T5UWJPqW3;h^6!E^Kt( z8}~1^YXsZm|E`;l|Ir_HhfnhVV?09sSE7GHR8;@m^&AqmRM>yDggXF-@>(cLt@st; z|9QUU?Xmw0_jF3UfU0i*DO+FX8*my$j34Avv8Fi&r3oMUJ{HND&(tR!?&Fh;5-w|$ zWY?8vdQ#bo{%=_dJblqVJWqS=WYR{@QY5PWj!#)RMrz)x*ALID?5C$#7-R$er;De zo>s*uO3?K~XgVs(>o+%OqYqQ$%x!~q60cAjw0Y9;3z#h0plz|&JkwI!ThW9p+n~KR zaFZAu)sf6Et^sAuH^@}Gx~fhw$`91G!l@uw{oz$R&l5@j-1WSw;b~Q|)m2#9?rx)@ zE($jtjj8}5pGw0UZG}@s%-V26h0%}@I^TeEl%ROYcsjouCvtyf&Po4|NM){%OT{!= zd&-VugwZjZX=35Eav*tD@g{SU-y6z&;5eG_q;B#47(81LnwYVpBy^r{yYh_hP-qmq zvMsU+J4eRsl(SXzMbo3r@M!DK990~oHC+o^!#mZj1tYlA9&4fM@84Pu`geWqEdNW1 zqsf85HvgZ|DDVH*9}J)5|3`WB`Cmpv$S1az=YTk*D6TyStdoe@GM6b2_4gLff;|E4 zjKNTSeZfB3F^UMq35hr0%a=(_!3561moIGr^I{bQA{a-`8kwyV>0;cVUChFs$-pju zO1EjJg~IiuWo!>JXLtRkqYCAX&#JaCA?aUSX%dAk!(5apEcvla18#m6wKK+;Pnqa1 z+GO3n;O8eY1^R|J)e+TaBsRvZG~ar=>Y%dh=0GV;R2@mmn`7{7%?VlT`%OuQ*JdZn zO+$Q_pR^PtV-|vRsM?3>0u0eK=lT?jsTJC#D(XijN^p*A*PN$^S>%^geQsE|`6BCkjY)Tg$?7xpG z6n5~{RD722KGoc@DPp5dwfr`RX}8_cZCOZNcijJXx)QKu|99O{KL20e89e3xe3VD; z|8F7`zPor0ycn@*gJD3WnT6`zUxa+yVfQZ>g{((d$#=bspdBFU&HycQvESdlgj$_H zON_#G1;IwP>{(eD`F%x71OA;MO44uLf}d2r-`R6V{x7!f`{Mt-g8t_^Pxn6_<EOhMmQUQ!l#{rvj<>G`V{uUk9V2aWKTe?;q`o;~+v8#L+h z@RmU~fnn&22o;?v4m)(g|F%5-4-F8C01jt3#K~qm()VnndBEo`{9kvo;bo95{NEW3 ziuRx3)BTS}d8+)s%t*eE>HL)j^{saODufCycl^>_co46zvTg2xeZErK)OvjFB#bv- z|0)tRm;YqE)%%hE`u+U__p1%ev-$kQok;=wv5ZMjic~H(Y*uEKl8l++ZaSc>zXYqJXdBAe$#Oe^tYaVT9yD zFWj)GZf{Q0yAJ;#)AxFm?A+Cc1SZ(a!e@1a!&vTuLqI$jEC@~X+x)c`z#1!ShduA# zM=)8ue=l_n_Jb=76;}xU%}f|~>z5X3)aNuwR-vO3Os1ph>zyzA*n>p-oSaf|M4hKt^bdhy!YhzQ@ZFZe)uL0e0$jSp5(@fO+Eet2>D{O8k` zFU{84Z(g^JBA0L8UO#{DW=goDuI&zO$96hyw_Tp-S`f2hQhXH7c&|m)diwsw#k!xx zOf>uH6BoB+6x(hYT`GoL4@o&e$}kwF)t{;FGOs>e4@F8EU83|PeoNn~VSfw2p%F0b zKmW9DmzJ}^QNEA&Li}L~@rOC;yLX{}^(-YZI4na?vE3C#F<t9={cd`I(UH`-4{og15pT~Ks?0-M2k-irTpkx{Ke8V^fDYx#WIPGcQ z(!1DkwEiFC(ffb8xc0RG zm9C!D2BbfiS%LJ&Eq0(>xh9sNT$NpHL4)B*&Ke}%>}?N9m6EIH7pIq}*KaN}7K8t6 zKbee*CZj*3&FHT$UcS8g`Nj3wPni+sZh)2MlRh_}WbH-|VoT{aw59aRZ7Ic0zJLDz zKYRK1{Q3Fo=hr{Kx%}(Z`xh7Q`i1FKgrB4RzrG!+A?=1a+BK%i_R0K5G0&jHGbE7P zx%2O2sCl5Lf&3>E0PKG6Up?FWKSl-luRCy`^uI@WYV*IsT=rKOC@1_^FuK>=uPVtz zE_{GwxwBOesQe(?ZO~T!PQxo0soE(hqf{Zstew5YkjhgsBfedp=fb>_Z+^FncOtSa ze_NC5zr^t{lbm0I$fjsHQtxf^b=i#!MVn0G6~2FEzt_MsnAcr{IOH1RVDBfhuEIN? zPPd93Z^@^tz};gKT|taO3+#1THi-gosK6a%jF?p$NVEN87yhqu5AEszUeEtsr(d}L z-(~+i@&8A7cIN*tWa6lY;Ql(r(0%ZJ32aBsZ|23?oA2k7Z2bRVly<23MV+LR8P0S)a+cv{z}i=BlyGQz(Z|fl}G;H54mB zp-8xrLJeBTk9wgsmBEaWG7pcZ^eDODpG{pSGk<9E%6o`wIe~LPkB%~9is@AXr$Oo3 zGi_fwE1jw!FES`NOW(hZ8Bu5i#oTDiezrmOqGe{?oUyK?0zn0+RP)9ktv|6oRY57H zRM$)fe?l#G8oVFrjV3^^F=I%(POsXvz;_l=Z)9GsZZ}X3UWFLz@JJaDAHVC4rF|wpbMa3-BbS6C-242BIs=M5pOQ z0z7aM(@<@$n3m-I&jc4tkxyY#4+iKAsq|?86!IJ7*qiykoZ#9{0+HgBG3++}=pmj% zwXCsc_9f!SQ}!iVW42&Rxh|doJ4L4wMNR^voF+y&V=Wm`{UcrlsnuAHz`BI|V#Lzc zd2ZU0L0BY7lnyJ;KWm0hG>$|>ZdzmX^z9xk*q2GWRq|~k5|0%ibAp?8Bqf0B8*9SNXvH0LXt8|+0m*52;HADZO8Pwykz9LB2w^Xv|VyYMaaxA?=MeaF9479OPOpFP1`M%9qfa zN~c`@oT*%?Qq7rkBC&2eMhV2>j;A_C7iE2=tSnHlwCSRw&i$>3JD9a6;0B?nEYSA; z>PVdwdB<4iTeZiX6(s0+h|*WYM>?Yz7wL7c^>)1_x#Tpxug94|8)NMSkKP;zdBHPh#g-} zu-aYUR1f#r@$+itPP=`}R7QWREkDzKaThngRzk{4Fm&y4ZPT!d^B`6R(=* zsbsDDIh_)J939pAmdF`dApw|V*w?I@W99ixQSFJj?{ynwLB#l^V~ZVT=xawYNr*>+ z>`)wm_D|Q>7gyR~T5m5^WETlbDD@VI(P@z+5iPSYZWm4NWGFo(v5-{NbZeglE1IDA z#YOuF9Exx?>f@2zM@7zTU9dPDp86!p>z|o@HCO1+#A@Tce_)L-t(;`Lg15rfAjK z>ln^v*h}wNqy)-*Dy7u_$KLz5w{0VhqW5oq3LG|lYIiN_w`BX>>^ZKJrn#FYzP8go z@7wK@KqMq#O%W_XDbXgmpZz@eMFJ#1k&5HZ?wWrj775G@fWcs9Fc?@W*WuJ@yyjZr z6^s{ZJIM9*%r$Ra(3~vZF^6i`V7Qt=5oNONd@k-86lF>;O@-E0p&qD+#Iu4HpIp6S zhts4>oDv1)%uY=Pd4Ab8imuY^WIc;8UA`n4Gb6U=VaVj6VhPt*qj&2;7|8iLR`S=g zHRxD#gBvTOK{9)#--X3}%!W79*Ik<8mL${N=@&1x72=V8jK{#1FDK?lo?e298M6>y zWIVpT>-c!>{Cab7sckN+_h;bd;_|@e0WL}ujkge6-bS%PFmMzV3hltsKZjg3Geqr6 z5_0b{TbzWKMXXSqxLAHXI?5ZVUTIBGue6oZZnN8XT5Pw+$hj&VxjwUHlb;d9iFHL(ORpwtT1uNbc_UEUWKJPWPI~&*iF*#&H#q+T_g4NDo<00OZ-mj- z+zYhp{Liow|2-TH9?pN?%ftOYS14PjvAk@9o19z}2%nG4;cfbT8vAm}7QW`bkOJtE zOQ^HQ!mC<*x63u(kZYYf!B&d8&hs*uh=uraM`AlNfA_#)gklrckuLW5;pao;lzB;n z*yf%xMIh^5<%as3_bvUK_rJV69D%Jg?ts-4Q6`c_kmIgCGaFp$Gc#zK)$r6{9p&nm z;E7U)N*W%^E^O0*Oo>wU4F_Bf^A>GsiSUnLj#HYsW2ZHMcj6oWPk5The|36|cDd+> zjW7O^&kp%NnvN%x^Pi)K{r`J;Y!W;_<|{_qD_q{%X?*bwRFCOP7SYtp4|jY%q|W_( ze}^PKsN*!k_aCD7l|w{_T#A+7N;#%M;Zb``mOo-<;v1ZJMH^+~Mx&wDZfOp)D%^Lg zm514qzwZ|BB;pdNe7l~v!SF}0H)Z?agC0-1NXt>6iV4{3nlHP;qFq{mH*1&~ z*yzPeT^)r)9W|)-k3MG(r3k1N6DN7~78!bC ziJ(2;)UcQIhVZ#io(bCblF-adrEl+Fo|zdfQ$a?Z364O1KTq!YD{(0wPUUSakFCZOxx}N`}8wY&OQ0a0789 zPM9;}LEfTUTxq8$`&;}i{afq-uhZ%9m9};A=|{$aug-@Lpn6tJ-w0~8M2Xk{Gd3rS zXubqx5%mMPn%Fyn?@b4PMO)DkA3;X0vlPdRBEPh;$S{bvXj=y{#T%HRrXWAuM|RqW z=Sx4W*Z=nEe|F~o?N|JN{fGPi?&(qcKPg5V1eiGO&Y?7U*>K}I4q%1=rZV%}Iz^#- z^QR=EwSd6;`)6vbH){om0|M)gDVXIV}f8zTqiFbLreZqXJHV;Jf?URx8sx~>GC zMjd0beC@X_Mn#YA>M5~kweKozvHR-!YR|4|F_rTv3UCbY`-|c$t?jph<82Z8`Aajd zJ@6pd5b9PgDJmee1r_9BX$M|I?cc z%K3kX!~Vnl|M&9nJ60~lIW7HwhsfX!V2~0m*`xE~2aPY@k@PkqF!X7HT z4t}49ZpIl(=P*F@LTaEK6VGbJD&C$@f7ADa82dpS%$Y5%a;|ffemdZ=$}yY48GeRfKFz0I0rWXU_K??HL$AYI#1r#@(y`#LLVmS$< ziy8ld0rAh1M9Fu)%afE&Ja4qzoz*I?)EZSdD;UEC3Oh4-shHXex-OEERmJSJIyvq7fEiLCyEe({&tx$&mkvSJ&(L9KQ!%$FpnU z2NyhJ4uClY^K}$$!5?cF;W=gtMUwCV@eh7Q0y;0BF&u1gD43xDt|N|6%Jsn+f0JM(6| zay=(LgX~y@=TYk>jHai{auZR^ zK~b&QOayW!YAnv=q0}82dvi9Ib4HZn+Sv}_DD~WuuRv?4CUNB7g=U(fB;xV)fAWC$ z#%nKMRIAEjU8=0-K|t1V#zX>>AoVSwMxB?X*{iv2&4Rv23TBL+;?;_ipb|oOu6|&6-^vyQ0I8wCx z=wvw=Hy@%TBHLBI6X`8)}s^uKocKSkNP?d_kt_y4A&O8&?G;9>voULFg}@eg($3p9ijxqA&LXcPpBv`K92v+y(x8AQxszQSqM3VMz~fm#W0+G7B&f^ zjIWX7rrrEkDIxFD|2r5=`<45D2jhqQANTTb?dG$lw|(8)RC2ItN}>d1STYh~aY0Qe zL+@&9ttm<^RSwAtXNAQlYL*kAuUMUTX^rm>-s3SGq zGAiJ^`cebjxEmultM+0AZ5ez`A8M6>r?zm+Zj9i}+KWX^E0bD3o4so-(zd5z6V`QO zYS#5deLExD>8ZopbWEUwzfFpE3{aWd%U@i>@@0763cu|*G@S`nWVJ%YG7Ai}vadxJ zqe7+>mjD#~%rC4Emx;(8784nz)js`Dy{8RlXyv%*gyX1s0FB%a5vCb;FCD5&(6pmm zM`rc`eqKF8D?c_aHq)JR)$bpwhwpU}CtE4%i^i1qSIs^Q(FX7Cz8#&U0ol<%qU2ZJ zLj}uNmQU@nnjDzrv}dti>Ni#BQXZv>tAUHF?V5=7yCF`R^RzZC^UgMt j;H(u= z0#>7yq6T_15tXeHo@=d)($NHSJ>j+MXt2`E`_#Eol#u1hZ4cLBDr!^t)4dIS zgQZD;*{O+HVeT>3#w`G4a*gGxGRixaCON=1^~}J~U}%kjl>vCgaH`By`eKFS#a@e* z4*ct0s8kCZh+#%hMGUK6%K_DiU|HB0#r$YcdFIK&R?%Di)@JT0nw!nLDz3W{w+_g6 zCu$`Eo0xUr-b2J{NZN~6HBm~U)p-5IhxX3IX%*g`h*AmGB1WqS+lkNua&z(dl=mY) zbc!RiKq25s&2YA5mI8X8fp<$3>-sE~TgRGYH8x8{?F&)c*8o>`*DQLjTi%o*^PH{{ zv}X&Wmi)==Y{h+5)ng;aG%n2zM@wA_rruby{a-x=spq3rHNm%;axl#I?TDD6N^IRmK2b zl{inQqf=4kWIRK$e5gdKhTnmtnMKAoSW|THh9}>)u6(6xUeWs9ik_+U(R5SQ`cwyN zaO?EG{7O4*>7nW7$TF53pzfMZGupxdVqR$H9;Y@eF_3r$te6B=kXgkv*q0>+4R~U( zizx=5%M}9`Cm32v=>i`Cs$%8Uafj4Oc$t#hou`qntj+EpIS;{gMpiJx0gR$8$8vFg z`R3)*n>Rl^fBEFi_0y|go?kqzuGJSXIS)h2Y8$L+Mpn+xT=qG?hT9mfaNzu|P(MjY zQit2|T_JaTF0k7R)Tm&_Ni`UTjut=O13)<`Y9k0CYk;HS4T&&8xTwgx+|_)8A09WZ z*8*RuttJ!HVzf3fpPwn-s2t%UAxcTsl_h9d6w2!qw7ekIJG?~Z)cnrO;xeuya0qU3 z96skxfFga1Sw;tSSUD*A81#FC5tEj=jI=^AlC-K;KNkAFLyAc2!X!VbC0u^ppXOw5 zYIjP*V#UZIx`dJx3SL=6Rul8qE0p?NbE%Sr95nPu`Pz^yB`OUVN}82{@b{){D9b=& zsjj@-X+Rnh1$b<}c?BHDdL>br&1i`UhM|{3soJczXEFkrZS)%kMQ$&2iflm;2wS;IsQ2z{Z4D)`=aoiN4xFm?aZ>BMLu!-to+)@qhVF zc=rv{G?RkG{4HG7hXd}2{~Zpe<^0d%(dZ%n$GtqY_rGULRJsA4y;+fUtjieicQO;# zz+(#1b$l>GbCRlaGW>9H6mjo)&8=ZtAdSghT4FZtX)$&ZtG=~4<-U@lk`h=yGpfyd z#;PhFZ<=ebvQyUgMDg6@l|M}ZTzg#WP`oirUkRmh=t;94OHGmntf1X}tl`tAgN{sZ zT?$V{Fes_ZWPZTT(`0m^=&jXUCD9G4|>yp&>zx%Hb zAF3BIz%XQ=H;KBO=|>!)obUMMuOt)qL0GEDgFTq?;vV4l)CNoPE(V<|FrJ*8jVC9d zyGi1%!th@pSguIOzAygt&in>GegvXTqRbp(b(!5JiDj19V}9y%OV(`QW7f`>KVEM} z;QZnR{olNiqANv8EH(q*9D_&8gnP8g46aejm`}=qPoKm+49UtD5=mUFKvhPEQXAY< zSD}3RR8Rj7#Chu&4+yPBwB$_pX?^h_mJBGS{3eM7TscW{%FoQvb-B(=Iq4iI184bi zSOcrA*AI;AnD}S9o|zxzivmEUgoXOM(UtxkpFQ+Hc`6vCP0xYU>wo=Te>5oRf1_T1 z_@MvY$MZp)NxETr9mFxn2Ui_A3IUGGCtJ0HNp3xkfxA%9gchd>hTZpv@abFVCB>o1 zGk$bhMLm=il*3Xw2QAx=Sto;wBQpUIe}B1-qDvCtU~8yDqE3>3EOY`xr;vJqMM;oC zO?lKP*Z1;vGNH+^8A8jr)$YTG8r@`dg5j$;+FlWoFeZ_ovmIXFv&SGw&FdCz)gFXyprUxA zUAL)gUNS9rxwEn)QeYlgx}_y<{@0HwSv8}8l`PD(4|;NPdE?Yy(e?_>i)wuK=kJTU z+D$!0iwqdTgf6#HKI$qQS6xQBwW_{pA}a>!D!UTl`ukmk>t)*#Zq(gPc@(m!a8T+7OBX zc~mW~5x?Ts%Zg@pO5~TXPmotMd*&1|dg`&F(GF2fWgA!~tV*CY)gYfYYPw8z%{K8? zyINWxa8JN0#PX%Zl^61E{XMe=q1Q*Bfazk#T&J1 zRCi+JN7FS6q$t`7#5IU4Q11v6>{hfTBCi3Sg3hZ5}lZi%XTRBRVBBWT!e0 z3G04;07Rk$u`hCyuF=c$YjAyW{^BW6`8-0vLtEoH5shRetNvyt0}g-@Ay9l&I}{$z z*~eq#DnYRy^DP8kRF9-60ObK`#Vd#F+wLcSw7-M=!O`}w^6cUNOGwx*1I&*7-$}2U z|7kLK$p3mTkMRE;+$?!|4B^hh876U!|Ia^Y`04)isRe#X>$27p_^paE?Uj2Bo&I6u~rDiZwWYYu(ST;^Ms_e|)}g z(@rrjtGze_zx{rPsPyIopnkPSqWvj0Rj<|2mRMdBRoE2e&kfwMixdXv5~Y~S3KECB zl2+nbrGSI~nfT4OO>%{-PJ68c%s50(iyV14b3)Ot=rTyvmBdG-Peug3;Q>*nS#IUs zinnM>T?jscb&UT29|0w4#&6L&DtSkW-79rfq63uao761l0)!cY1FB&-1u~f&vx5YY9;Ay;X_i7P!(^Nv?*eax z(jp;(_Om7I2P6JJ;MvRmPqS7zV0YO6{pqN3|Kp(dVE^CC!yTKK{5V@~@T+?c41>Rc zxz9bn+7%u7!Pv+=Eo?tcQM!8~k9{<+j4;)KL>}vt2l8r`dS2342A?6vCW z1P?1wKE+4PlWb<%f3;3UKtBZ`;d&NbC%ju2zEHM>9}&ob`QR`w0luZj+9x2A^NSQQ zR`gn^wN!st0ntPaPT>g`#|jNQB}qv}0umW-dDI8`L;LFebaQj*@z9Ry`)k{Wn+slE z?2O2_XW-`Iva*9yd}V}J396pPbOSY({_o*rT8{r54u=o-Ki`3aH^IEp_ED?1P<7Z<%GuGnAcqwoxmW zR@y|u<6ghrc&cTII73qj9d-er!4ffrrvSl;bwY6VHg7`~B-bRkt#3tbml|WPsV5d} zc^`0fMmE4&d1q_dLr-?YwXu?d%J&9g^aMq4o4c{KVPwDgl^+;<%Jj^T~?x1%w*Veg&FIKG$=MY;K1! z(m{9~?@0IpN~bJKCoGGAYLSf3AW5UzI9I8ky7YH!kZ3T}AqpVF%*3y@P(%Y#lE4Lb zWQ&63w>zM^gllz_ z30|rsrMsfzA5}C9lhpT^W;kAOL2rt=?)Tt4dIz@@Bq^Gs6u=mm#qm5(q(f1bXMZn~ z`M3_{jyt!z--B1#5~c4jML>|jFNH_o@|O$YsxP4}w=lNdMqXN94!IM-Rf(%ARlkhZ zzQfW@*-b{piSMX->?bboD^;8WcR^4|5q04%ckrB~!mC(E(9Rk*rL;KCp(Vrl*5ip%AYtp2A`?F9+v|lAc9- zuE#*}KhO)j!sT5(E0Vmh4G;gR%AS>)Yw>7~sy#{4>UtIiS%B&DCTw=V|B&G2J!-c6SF)mroDLtDkfQNqw@_w@mug` zA^tVURxh#W8c|F9{c=}bQ}e9yja*xPCShJrdv#XLlCTRP>*d@G;6KhZcC^IlOx&t* z?Zhmlnp8gpwnXXZ#lg_r$d&w2T1oTIwXIX7Zt~=afM1JW(^0!yBK8ps0i%NE^uj_L zxfUA>wkRjtVPNac@)Z)q)$$h2qM7IJ&YgIl@if%`^-$sN8+qaMb9vwNE=ypC{y*;b zEBPOX(}(-t@8z-Ne^h4~DS%9a56LROot%52P)ye;vlcQnGbn&TN+<>EB;+iELYz^h zS8~2`+7CN!GB3757fhJ296~x+p$vvFgG^3}TZFW&&5{bJZW*$iL=cOX#2=(6q@q>fEJ@J@ zleLJGBII_R0B_UxfF}qjwT~t+C>qHDc}k=_3TKy)Qn^E}UZ#X(=4;U$rFd!-6dUIf z(qnK4gpH*Y^I83zgpOhj4;+DyU^W?rDA00)7x(>oU4vnPhbXTkRqVQztYNe8pVXt zc2xdvN~0AC(PNn=@!qLUB8cOJq!|-rCDOSpsy25s4#S zypJtBa2LHKl*3mE{9}y)H!{f04nA1(#Y;$eOD^-Nc&JSd0WqJPyTM$^>5+rd=1Wsx z{yL3-$H#+#Xf+gj;9z5ZA9xtgTJSVr*FBLr8g}Oh1F}jYlpzz>KT+7VBcDx6lk_h& zQ8l`3hRnkr%)jijm;I+IJ&$qLU>j)H`H#V*68|xsKAiu!m&aoNDf=!VAyrq=DJB6q zBW%GEZV-SVL=oJg5U_r1Xy#SU8n?Fc3J9LIXH;Zt$l+Udj*71xhP}u#>lwKuRiSbU zd@}=nxtz#?@42#;evP^7?P=@RafTz1EZ$(6A{cH#=QXglTl+I#0zZ8Mou$}55Ci(@ z(|>`G02(2bfB|4XV&vI!?mnNtB-v$(D2lU(wdRXIpDF(vIRJP0|AwQA|8FvSIR9}k z&)4PuGZu!uU4W&nz|V82Aj*#$avxlqI9_%zYJQt)A6elp{?8H@J4>oss7-X{M=_R`!7WyZfg8B zIRD=pmgB$2{oaH9cQ4P^W&d%;`W(}b1F%|s0`x!2;N#do-{vd8xXr%1vG6#iIxEa9 zu)|WSLfgkSvY@Q9d3G2r9Gbq^iWil2Rxl3#x8drl)%X&syyWq_(c)`?HPD-ReFA+Xr;-1E}~ZYs~y>c_Vge6G}Qmr8IEZ8jm(aTTcv;6ng4$> zsO10aKjeS9pNF6S-{94mI0J$s#DxCi73-E@iO$4fFrLZo;0k5yGzJh*GS5IvLUgV& zrxy1H99VMhYiz@6QJ(?G(qtgT4ce;@#6U+Ci&~9?@_Sk$H)%==*RD0Gd4{VX8Dq&%pCodo7xIR>|HXGb4)6CZzlhPV2RBmD48g5MC^^Gtf80 zd1)M%FbzLz92tNwJB|VatD=skG#^GiOYjX!)zO;HztULNjNWGqTs~%OvU|W2v*nA7 zpl9A!h5i8Q;2OuN9|&tEHGB=Ac2GzibK?Bc2CArGK(*viv`N5(gsT6$?C&_k?Z+b_ zVM!haWR;K@#aTWU=zW&LpBdA>P==dSvj~XY!*m1JA3(~inTbIlwkiGRDEp)^JrqCO_wywaICZCP}11)ViFm;H{`>Y$V< zlD8Ge)Eu@eGaZOy<&QArCX;8f*DRik3S^Z4{jW^injNAph-tZw-Q8?7R<(c5Y%G?& z`{con$SiSd$4>Go|iqHrWy+^NNs6+sTI6($9#WEs-bnLMVjUcYC`nNOGZdbIHATQ|x42S3zeN$pG(#{vsu_-?C|(+rTmn1CrGM=H zHaIFqO%)Qqn+%~r)gAUAVrvV`*ceJf92PsBw5FRXeS7DfrK^U!JIF%Moh%*grKn1!9%o4lkH0+UjQgfIuT$KN_N4DA1ZvNAZr2LdqD*>=$ z{tt$u^7+5PX!4N%`Cgv(`k%f6UkiQ!{CZ;BYN{B9U#L+mp<3o7yBeq`A}f?ZP`gr= zaOD?eJdz(ck>a)}JrkV%G1mymI!o62Wg~e&O{IKpa2}#RfYd0M?a()Dr)aZB9qmC@kwhM9c6b)Jrh@5`h9Fz2P^njLsou&An^0Zt3 zvn1NcTSi-G0K4@6Nw1Rsxi@^!|L^5#wf-{`l!~;7Ya}ui%iH-1quM`sP2mEa*|dRz zeS|q%CoC>m4p#AivQz9^SFu;v&ws~q~uzc0?>AK7bv zMR9iR=KnjG#yDQI^Z@Mg|MrHXvi?6AP9Em}eLOAZ|F2^30i2O_2G*4QosuYG|7UPf zH}P}6k>zjTqQ?DuMMzdR$F0zGC7o{(mVLM%L5ddW{f{^ff!9g@_P6j)k3P~R9E>Mt zB7O3&=T|SEzkGHEu8LNH5M?OHPzVk`d;q%lSmpr{2|tdGLBdrVhFgk8Eb_Q#DTx=+ z7Nm%g&xBG4G6LX+;IP_@6kxvnmXdHS?qWpo2B#!mp*Zso{)FQ>0n02)=vlWLl7RX% zoW*d3{eY~x#jXC`C3)A$NO#R;b_V0HBe8TCmX20ZkNy2Rgwn%vZ;w;{`%4t9FyH$B zTpYXoza{@qe=?jrACMlZZ_b3#JjsDk>5BN<{ zB<3|4NgzQfh;WSj1OLhOo9m3E=-?Z0!5I|%a&ZkpoYDh-fwM0ESCD_;&;F5i`M>JL za?xe~sGoEbcMCu>7~HNCzV^|B?|u3%Ir!e6!P|rH{cOelCMjMVeE#;3p~hI|{M`ABPBbMe&sU{lMSQfP|>~uOL93^Z(+f^Ow(_zIgS_UxlBEqkjI6 z27~hb&;3bn^pOAUUY>8j#S+E~6p_WBXX#%K4i5ed`Huc$scm&m{8NAG{pHVH_?Lrk zzWE0HroaFFQ0XEIoGsTgu7zaj8cAk?Ny0fQfhp>06(_#$>u`?1;h;C@cl!O#uy=I8 z5HZTwY(4m19xDYgi90L!canm`-@fUO2FXS^1-*14jeLjs}kRZQ#gk;8<(m z;8Zp6NBo{O4~k2H_$4j?f)w#HhAcVN;x)ae~IBpF8~7uF8EfD3RT3d)TLMZ} z2vEFAB0R?dSJEh$r(^|w5EiCr`t+n-)2An{rk^;*_GI6&Ju%1j#2njxMe0%lU=)#e z{OTj=?_vrsj)Ao0@}nVh&!vJa`55@@{=au8hlI%Yy;WZTNT5r(oWRxlCaFd{Hc-&z;9U{TpEEob(`IkP7Y zeQL6=J~c7*sfnpim01JFQfuP3v5N%7ya(hp?|jC*L+}=*fNp7qR@BuFyD~J{R~ed^ z%Fx76hWaNBSD$gq)o1KneI^d=X|k{OG%>ZOiJ?99Ck-1oYNyT)M^1Hi;?SNZ`)W@U zQ$kM+?WsR**udeWT?2;`cLVKGc(Sh)o|sa2Vo2elfuSEPRoL~!deTgDEPdc3bm zJvL41v0+m8M-{#dA_SQY33v>MzlEzv3`t8z|d7oWE@(TBoB&ne9+OPswgCyu^s zHp?u1IX3%pqW5J*g=Rx9(%_sYiD-APrH0XSY8Ye3QaavuDIJ?j>DX9G`we|B!(K}+ z>D6$_;Iy4I9Gp&$N@8e^--A@f7IEi^C@UPzL1aiUC77gLOwPY^4_!=n+&GyG?l^Bsi}+| z3;B58g?wx-0}3MmBMd1;V%_I11jH|xY)yXcR~{m`@agPOTG&iFpP^qZi|UoOP(vtQevF3pb7J0jaAh|2D0Dg92Iy5Pvs z9ix4_W9au!_5K*`=#TR-RKqXb4*aYvqyT~!1cpDr2*v?Q!8z*}+5C1Y;K1!EWz<^R z&pzzk0VjF~Fi3h2H1rn^ChZ)egNf52$|!O*vYGvEYvi=l$P>MhRj-4ik|ZwOxXxyN)q8B#W7zJL>IJEiv|;?;mYWB zb-|u$?a=R!OI=VXw!O~4X`Ramqpp^^xz8kJ4}{_bW{4MvW~_%M)8TYJnuy*QwPc9V zP*)NKXGsh^GU|}OIugK#EvMA5Zc5p8Z1!RAt{#=Tdfce1OH*ptlAnfk{AAa1*@t}^ znIW2WhW^l8F&Q+yp}o?y5{H;hN4||VBzcd;H zeKg8@(HA7y0`riJU)cxE2nd!q3PqM{haZ_?b~R>CjeY3%%M-6}Z;aH<*n*ZHD^rt7 ztZ$V@F>O_h8lRFe$(DQ@g@Og%pjd1r^;>SE^xfMitTC?s*;{ozEp<;%@1ALCtpDFN z%|Mcp4Gs~I@x`L?!E!}HFo#%dr@?hb5|pm6$Q&qoV%*N6>5rWj&CqwLuzPE;B?b0W z?}n$KXMv?Lx(4HxUVO4=$AA`U197u2!=7# zH`dse9{;}E<3DtGMu+=)Mu&b$XVX=-enV5Q-_n2HcZXsP9e&B-zJAG}>6aY(x~kSY zb&}yyi}u!vN=nhN85u5pV1ISMBxBHw4ChL|FB#=^ycrp;1#{2!a!?+WUK26~jzJmh zJ17HlPzL6pjGScH2W7DDpbX4G8JL6OCc{1`gMA03U+#@w6Egaa-stb!8-24k`etto zon+X1qrY!&^!)zNq@&k_j-Jb|>+NmV^-6YKPqXWKry{`DL5h98^!7GtdL^T#rx`Un zNU;x3Z*P^mXR6#iP35kq#IEx8_EUMKU!renF1#V%S6qAhDy}_KaqSg~Ydslub+WgwI@v1^%A^??c0H)KuO8Gh^`Ks%2Qe~S)(c+RL`->5ij6pLp>?=)g-<76kt~9-3rKu;wCCc`aWckRHxTLq6 zmMJ6I#;xMRKGaN0>z;t5kx~TrNMFVZ-Xg%G_RG!+iZaU6H!V`KP5^lqqtuMuKRs<_ zpPimM%(JO$*`4ma>`qI|?zFt@TB4k6CfaGc{pVBH_Vd)WoKN>&&Znj2d|F=4`;Oxo z?{JD1YnX-r#T&4JDFq9Z0TBjk4H*%rT-5J1eR<7ZiF$nkYoSwu`gnbd0E{B=%jHWM zFG$7N`F99}B>pbr8wQ74lpO)G&H$OqLz~Vf*(AYqZ>45xDmBxxQd4P>y4;nY_g|3> z0_%89QJA-m`|tA^C$1v|Mu|B|S%0`%Xj7J^`zlLQQ$d-Q^rTAjWSdCjh%L`=&B>b~ z%XMjx;>7MBpE~rN>Aw2T)YNyTC4I*-Xkw#clf>o79T&Ye#b~;(Vl*`sqiIPo;`G|d zuzA4v`+dn6nPiOXx=qR+7{?^z$Aw;qt3YF!7F7Hc)0j!4Bqaf&jMaJgl(aF{6u6o)8ajS%C}Dm>(L?1&DTI&7TjzBbO(v~i{- z8>iZtOSnONA!V8n}qFBtJ$A>xOS0b~kekgZ`9Z5flG zP;^N<#fYEx`)6lP`S*C7`G2mSoE|c^X^{VMJSgY?8IOCzhx|YH@q7cG%R>zO zKCgox*RhDwi|{Ok>6YsmH|ZK($oRHh1+Fna1Op<%-8D=_DZYa9BoT&${5>aJPk?~p z6^>x4QhyzTY>8=(;~k_t9~oabQ^b#4tRRjv6hnqCAT$Frl)Xbp+z=ypS@@Ee;v|>k zEZqVaEHTfqzS$By=VH2!0Mafr|J!)m-8yqgXVc-l2g0R%sx zXa!!#ZV_iUi@cRLKRv$&7eAd}-GJxU;N`0u@blC2mp9<%75L#Pc>ePG=KRHrr%%9> z=T}cJZeIL1$9OGHs~#M5z@hnOtN%DO5TG5jju5UNs3o6#nDzIg=9jQt9x6{|1Zz4WwbDx-u}T)|e^ccKD z@@%Up3!_NNf9(Pxj#Xgt!Sh&%{g4D}o|A|{z$8^T@{Uv704Be+gbfahBP z1vo=1>Vu~+SlX>ox+Lo;6g~!=QSO$xMO$AiGez2l0LEY@_9=WIsb=<_Mkf>HGsG72 zk6bb;*AE|oB4a4y3>dNc9THQY6=f@qfG@lj>lB56=Pef8zzHgl`T+@r5KhbZb4(yqsnic8TtsGCskLe~g%^_1FMaQGoZlyCZ@>a) zuF3H#5z|meM5g=-W`p1v&VZI+e75C>{$&Cy$fPj$d0t=t#8}Ra*%wFCg`A=)`}teX zV_kR!-*E^ET0=-bK#C?K3q0|mgJM=QEQ9vJuRND9$(Gu{!4v_CvSZ%QsU(OIB9eF| zDGE@?Z)a*kn!NC_O4`%+nDRqYa(7Y=JbP2_fg5Er0Q5fL+fkU?8Z*SGp^TB$gh${l z4&S5{zO9i=K8~4IMH|dT7z0^Y^XZm_k_(MIW^F;kR9hWOp3<&8l6NG%#qr_^PR&m4 zdiu)5V9Jsp#HrlJmvfRNC`O??QKKQ|mIVdRMb3VHx=3&ZOcGI9t@Uy~ugE&i61Y^e zl$#QoBoMpkKeJMLYhskqB_WkbxyOo;gDRGbEG28k*!*>jGS&@w3KERC>pli_g6X!XmvMkpj-;pHGakZ4=dA){GJW0tagE+baR>?tWtdc7i5n0G< zDwjB6lyW^cBDc6bnGTn?l z5|}Ni7}EtmJIK%o`Q!j}i!G}d1NHjq1q1Ygmnf=klDILKmK5=vM}N6|nT!9gO3}?@ z+B%ygJ}Nca7XARcb=R3UST5Ax`i1>Ah zgQd7+LGl)>sZ6?=Tq;e2&4o)Evl>3$8`||$oY zZ0U36)NT+q=OCMHGM`3;T)WU|FBo`qS38-&=0-ztASt~gA@=2IWeS-^d=y3siWx*n zY*6BCJ1~DuQ5p-ccUg*Eq)emFFcjA~2PBReR@q*L>RRfjhkUN^OF=sDNL&gclS0T8 zXaG}yVzOQ=%Y>8z5o(1aTelQ)%_X8*T!Cex$|_SvMYL74VupYf_rWhP!lB}HZU(7J z$3Tq;NwsiZj&wf9G0wJ@S@48kj75tg0f}jrLL6rxU32HfZ@;Bz{(Is5zRl;Lj|rF1 z-GIaaN;2A|!4idQen}MC2scufS)hx!laR0zlMr>kQMfuV4m&W;a7Vq7LOM!tjKrn< z4(<{~YMHA5;wS4Ux+D<}O6KhI`Ad>r3hS)W=jQ^2m=O#DNF<07^iQR-!i%ZBfxEr1uX7GRH&10k9>3DcLg0mS!r@bjU9nJdl!8{zGL5L>7Xg=um z;dpjB?TyCM;b1fj;0c=bC*kZQ2xrrvo*IswQIuMAlvf*+rfeDG_7*FlOhaXJ6|;f^ zS!aX>FcK}v2lmg3h5y1tT^Irgej+LU2df(~s|TFRiV{v?S=KU%?zwR@N(tD0%%WSQ zc8)2dX~8ub@CJx&$gDgx@Oz4f1}EboJeh^z2}0p%&^w(4;b_+H^=7BxXod#8U^IZk z-gI^v_JbKjeK_ci2Ga>T9i7ZigDOW?$x@8Olr?6v)bf%nbV!eOa8wbc=HP(~rG^$+ z-8C->*J#-y>NCF6yxXdzRA$A}I@=aXujV7aMcaJyS*}Lk2@u~&ntYR1sXzHe+_TMJ zf3AIHHeaZDBvpQTE7%Zb&;qZh#S8GD&^RkO>ScIj=%9F~aY#WCm`$4yE3X--lKVn@ z*wOMVB~gUZ9bH*d+Ny4GdsItKsR5UYa*?{Tt1=N$lyyUhRwSkG{Zu~Yho|Pk?IJok?OKe zQ59%a>oCxDx`?^MV2NlxE^6Zq zJb8J|Mujzp9_Kox3b_*5J_Q=Ef?JRxN}>${F^vehT_?)3PhxS%LGx-*l&urVyv%Ji=5ddGM`7|<${))5ZPoku)7F(hOC1R11 z_Vo)K-%_^<(3Q)-I3_F-RY@;{+rL}fG1SW1l(jl?#{|cVuJj9ZU?Pseu%YhAg57U~ z=bYbRyhQ5tk!+*QOY}3uv7K%o+*FjNYkrtX$%->@egtm*=M22Qxd1;Lfy?vj>tCOo zf$u(i0RELsHqT@HK7INQToeWPgW}DPDOsJV8{&OmjRk*SS>DyhnD+uZ10vAVLV9YrgfFz?MWta+8te9C&k65_ZsgA@lIpTAr|A#*{UtRVLv zvlOB^zSY0no=`5LXaWPI<~m$wWCb%E@MxL~uFz1f(d0Ita3u4{0Sy{Io|Pmh4h3Wp z8_tmySZE$|kk=F+!DSu~xmL%SO?6GtS1`*VMG0F=(UCz2qmHb3)Cr+d16e7&C=NSo zDt#qJPjgxFTkm)Nhp88HX6>N&aFs;Jk4OL`t{}6iuS8ziZ6NtKfiw^Bv!ml%n(7Z* zFvum}>$wx~)jg?8zEE&H&pDTeOznwD2AGIearS?C4Elb5)af-rq~d2>a!{>jg7Z}f z4KJM^yq0nTQ?VJ>0xLf%*BC1=-59I%SJO9?U@rD7Rf&zbtOquVQpL`?S9vKai#lmcE`Xjh_~lG z4aeegM0(8T5Bm>gf$#fAK6uXcuoN+3R>B~MG3YA*$C}c?X(n;BEk5&FFug?~fGTi& zYau_2sw`2g!#6Lk^VK)+f*(k>l%aet)dkr?tz!a4W|vS$WR&nRP}kbddYN4-e@kQ6 zTrqLhIMTaRct?o0QQ95beX~Sm2wXdn;dU8HS2z|7O41OeyQ9G)JV(JcD92)adRtMh zijt~}88?)+1=Kxy4s}g^*6swT?hDC6{yMeUQ-SHC;T#QPfFRw<@GP!Qv8e&x@i>du zS1+zv(KSU{3>Ry_lOIGUs5rCQO|2q`&Ap{%0CH|2!Q@x{DyC`Af4b@4y}UzggTS1u8&&q-+aQn6Xufq$;h4 zEW}3w%XOm!roAFwYFq_mVfM5pjfCi0-6idCHOP2{T6S*`Mxuk+Z}(OOP6QF=Zc8iU z8)#g7A0{ZJB<{+>9RaZ!!U~dIGoU{m^+wa#cp8rT)8VK;8V(0z7*2<$<3YbS84Y`b zF`A6~lNp@!;OTIRPKW)|a5fuF27}XKGpf`)Fx;)XW`SP#^H#!!`>c65tA<%_F}kQ# z=dQ}MRwMAJ3-mryPDjTVP8Vo-^xz_bcxBTApU=6=<{gaXnP#5eB?hV@;1}l}7iyw( zkLBMlf4MLXD@{OI2%3{LKovVc#AfktYUiG(uj9};+FzMc5Q}Jcu97HkU8)pU2SUDK zP>Exdt^bv4GDei342+d}zo`}YhQIu6_s@*9H)Q@MTcS6j;$Pk#=MJfifbTlr$qf#w zL!YfPb3C=<0?w|xW0hW@bYe>p40+6(g)7x`$8)_=m55KkV04&X?!-dzKT4c%dV2Z{ z=K;r13=Em)w}7a|r09<|qFLS|ZBAsn+GgDLWV1&lE>XbDaFoM-KIe{3#t5Ca#~|Fs zaD@YLh?8Ox%bRLcRFY94zX0d$u@RP%S4OGDn&ss!f6 zD;vCL#ciC&^3R_xk3q5tjsaRF+4c!ekEJ1bTm+>Y7rC|AIwH0a>~yYRqC9M__35en zOy>NMrHXS}C``$n2)bb@U`en>|jP)MBVQ_y389O{|pKC!FUw=9^pw zcg{A>&@fu_@qMeB_|{E_WuhoYZ)u)z5?alY90^6)rIsh&GAGZKgPkiYdQy3@D;+G! zyI5qm<`?E!QHjO4G4o#+H;LcR94P3^8CBBoMJ9v=-Pb)YG=jf|>7kMH#b=3z%bYAZ zgWUO)5gKYMMN=j^u~)IPf`krCkij8-JwdIi5hkgbwA1&3GXKX+y@xJ99GUv6oJR!6!O&Bsow&MjG0)7xvo?qOO zHFro-wSNh?lZgipb3j10O7>`#z6`D0CxP}Jb1tpWDj_0CgX}jOZrcc|f%=Muk(2t> z4x+d`*d1&4mCapA?$ zX+pEqo~H;^mYjryFI)%w7!>oUUZqz1(|#I=Yj?tfw;#MYea6&j?`%9dIaa?e_{|z( zm)$$_Uh(@Je#UeKvta2Rd;FRQy&iw@nxa(x)-%2Ha>WrFGuTHF2NZQ`>@V{MsN}PC zd$Eci;>V!+2bS1SX?0zGn~b6 zg}X)h-MDP4+lw9mphn)L^>@%#j$lMsdTU@)Hsv;GO}&EV+dbbK0&LKp=7 z)BbcaI32*jd_E6*a0Y`A&8kP*D@5gy5h*5o2Gs@1%93P;oQlmQ`&t^lPN#|QID_<- zFJfZq@B<_H`lr2*@CL<*(hf76F#n6E&s!%QL7H+l^B=w{?jrbw`kq)Qx4`k$mYBuj zV5{MTawxXy@*f3Nbej#`&Xk5Cp3rE74Nf^!-RpW{xrE@So105n zQ*G0$qp4h0vF}~>&vkyp?MREcR&{JxX=%5ioF12dpJOC$(qm&y3+Gog6Nk}VzKR~9 zJVXnH;H?;&Gk)mrtxTRTpf5=jQUyyL?vlDl3979f3xtjMvuLTi6YiHo3$%C4qGq4n8IP91 zTAT7kxKs*PR~KE&&pS9&Lb+T1lt3%osgO0|O=>j20_9%$QX#!#uGD+#&Un%UYH7rs z^CQm?S+7jyc`s{JNgdFhilmt)v!X^C7+PdWQWbY0tRksqM;iFULX$l0_4=p57>)X; zC*g1~9`*;5c@Xr1(_T31_h+Y*ei+Vsa2O0udz0y8G9OL){pqwfLvR+(2fGMTdSp6- zPQF#n4!_9AYHi~4syW>d z`e%SG;O!Cl+h*u^>OBXESNvNYada(j#I&G~k8+XZYoNgBgC7up{6r&nMP~dy4lRujTbWQC zq}wDDzBswE9?PrD*HH-gc|jg}u)!3|gXl2c&Pccw$kixnJNz;a=Nw0J4XsJu`Sydy z?@G8#@dig|fu7O;Mw|n^Gd^{XJw2xm8`)}do?|aj^~1cH+R3~kB>ORU+p6@x`kklZ zT^m1_E z-@blw`PK)*reiOpb(g?*F@WIa;xcCh_H}`>Vy5CaLn)g-udiP4uY6u>*`?|lmBDm@ zvR#~8+;5_lFPYIHp3hNgh$r3w{FdTOTsoq%PVq0?V0>Eue9O;ZsQlg1T-5nXi6YB7ll&bsC8Io@7LuYH&$I-VQwwi1)#Rev_lS7akQK< z)X4C?M+$-+vqr&hIB}@^fNQ=8(Q|xYmY$=@3@e;8X4zGldrWsEo#46fA4&@`K)(?mZ=7vv0@nU%c9wsYZF-kEF#C0 z4P!y!NIQR133)SN3p>MC7Z6b-?unHI%Pe}wKwQ1eeoLW+Lg}u_^ps_J#v6^mmUFOH z9+`hirL5U`gIJZ(cEflw}y& z(xSd)){k84e}qvqgTd_$c|jKRRs1wfN&5DFJBCD3JE$fw$kkPT(Scs_b8kD~5c$mp z1ys4MnvsM=WU;+Yn8|pNU$jsqPu6zHIvm6KXg&*0dwn$Qho?a}3s65q{aG-b%+RQMaYUIi i;n@CnzWe&&d3YY4hvz@}`M&`G0RR80=+!*{Km-5Dc zVQyr3R8em|NM&qo0POwyd)qd$IE?Sl`YW(>_EWnble${Abv8ZgI%%7yiQ}*Bq~CM8 z`#KN_Nmx@POOSH3PTs%$eQ+f}f)eFhn$~=F8;b-6g8?uY4Ca!e0F(Cd45pd4g!Aw( z5Abw4oz8GDVE=YHo$|lkesAwD-9dM++utAbyWPKZy1jm<^B2&02xQ7nPBNJOrE}-D z%ANa49vDS&1~VK-WYhv6OLOGY$w0g~owm=9k6yoYNuDHenvH-%KReZ8KFr`WPB9`Q z@Tmm=04@k%2FH*f@zaO?3{`7RQy8ETc-MjneveXu<7fmHy%tOo^>gU;ykRRq35o&~ z`Lvam3nDm2BjCsLc^tI>NKq0KoW<#K1ZG*5kWssBw$%b)AweE^hu(fGK*UdRlCf8B z6BGdw=c$i&0Sp!}@=*Y;(9&JNFh_u7af-awET+xM7N$6x zkYp%rlMIeS)Mjg~g?-wbgfPZg1m~E6fP|oo(9-@D;icPnKIMP8?6uqLbw2j`122iD ztt+&=j?;jVgTryc5@Mgt+?E>GuGjIphpjKYsJ@~{=l@~sUp+({YxsYs-`y|s|K4!;#Qz`Tc?h$=^p+wWX-JELxAwAc4~2mRh&uh%>LU*~D% zZ~E}{&$bNmPy*nZ^}laf|9gYIr}h6B51zv*8kJVM+>!Yf3_y~H;b|OVe>noLCMR)r znj(UtjLLIxDkQXji1j|~_WJv%I~n&TV}EY|gS~_9pxfEo-#hH?^$&u>ywOv!w?4` zW`Z06Fhw9hNf`POvFivAF%;Dy4A?1BYDn=d_v^%?S01TzG-12lno znC$=<1>h_WLmW-tB>~Jtk14Ekf%ZAF0(%?1Kq1Od6+{7^1AD;;M8N<&jp7u6Y=#N_ zCh;Gc04N>w-y|A3+|$1;inhhgmJ{H>YV+KqOD690dETgo8GwrMd}B zGt8t$T0#9%GwqCzFa?sL1*RJtm|-gYFF}asIAgPbfB1>Ne@$PHK)=-@$j?)pEsx_U zLmxA~u3+#s3YTYboc(}9M3y8&^AVW9kf2s8iGy=Xr93(!Kc;b>j6kQ=LeYZ0mAmuV z%NMWCFV9|{zJ7Ilbn)u#$>p23FJ7|#un8~%{M?~cIePv2?Jt)v-<)3j&*kaS`S~wz z&tB*ioFyU-Yv>{gX#r%A{Oe!aQnaHd#WX@0VkfO2_DMT~lA@83ghb*FQAs-YXJ%*7QAU0I}`vU4jMCf$;ibRbZCIB zA*ROCF#%Z&KG07e0G@zloP%pjX7nvdkdG%z`Yr|Wb)~i#Z8?!hJh=hnE#_s6WrqjfL zT}NKPFqbnLeJuV4?8E@0pm;%f51AQ1UElcGo*@`!vvz``>7_*EGK_r~dSnKAt%4;7 z5Z`J-sJUpL5$f}UObG@30p^4W`<^F-9r%}+6$%r5TF4RM+-2iAA-Ix#Mi3on&3t%T z*moYnR)SK3Nroc6fiep69hTP><2i>3-`>`&@}gqhCdoy8PRnA@ewiUE?#8?kK2~f8 z1~_8B=oSvtb|>lhg5$xNLHqAiXt<0gm)Q(m^6KAx*cC+y%BUbhOMc^i1Gs=s^p?hX z1_Ded!utC+6eF*?!Sil98fOxG2TydUWESUP0LF;dMgd#ZZXAV64phpeQW910UeLM3 zR|6*(crQTG*-Z&1$~F)l{5bMa!gShk3a6;ev7@p8g~5NFYjcke`x}@P^Gyu;n>aut z(AnSHQ(rU{vl#s+{m-Tk*Z*Wv)@%!j_+B+Z>-4{!{;;I~8SM4?Px_z7cv?3%mE#Z$ zLwW}K{P}4){o$YT`saMqRom}_o|HpWYd-rbZ3P-^R9Lrs} zHAfkgx(Ca43qT0RC=|!5n;W;nOZa!nPCkJMM*)g5FrcgjfRgC}t$mHNnNs3t-+2XI zCX4?E&O;kO`V~b1{ULF#5kW`blgp);zqZFXYLB6iXn*|`xDjxknF=Te{Oe!f|NI|- zJ|=ORaqZOc>sOaY?=F6NUMVcZE0V+!LC>FU3wb5Oa}?(pa0%#xXI=15@tzaZ53za! zfI9;W)mcn3{dEGK6^c3S1MMdJ!R0DE0lxz0nZ&^Xe|-*|)3+x-I^bXbMJ2mPiu(R6 z2F?WH5Cv33_2Vc)eg<+vW!6Ng?@C=%y&Hj|5p{aNnNZ|TupEKP>HbeV0JI;~kFVbz zy?Ax@)3y zoi#sXe=D27M%}G0rHy*~rRA*O>r)FHvV+GV}mR;?Kq+1f3#6UEsKM^lI0Esuu-6#3v2_$`k! z^cAU2`1 zD>y~OYi)sx874sZ0}w!FC=9_gjK^ROGoLPpU67&>W_W=>0<)R+9!5cH3q)wjmM+*% zQZ&IIQNS1XUw1t4HVT&@j#y2K5=c-ALL4El<-It+JkR13wYI=9;~?Pu@i_=^N?P6& zXKnUhj(*D<|0iv;|H>D$X`B8>{v?a2T>u(G|0++w1c!*UzV*m;()!jL!>iV}UN%o! z-~PX?E$|+uIL--p_2MOIc}W`o8~Itw!vTVAUM`LQ-SQU1j{`(uzy0Op<=Hs{%I^Js zR+l3!{^@tZAcXz*Pe&&|zI^@mM{ge7e;cdUf49@!FYEt%-TkNa|0vHEIG(|1io$sM z_i_4NtJV5DWSjkSVe!OWDxB~B-iF_`wzjswuloDq_HTtNj33VvmTH8>vJ7RP-P$Ad;VMseiM;lJY)Z2!8|9rX4a zwT=nN5oy!%J3Dn99M*Jjc-s!{nH?Nz9qb+6ZV>iraNN5sjsp|NJsrn`)i{DU0=j!c z9nOOqoCmkXxo_e;&~ffpa31ILgyKm6oI)HiQ=(<$^KEf8wfi-g_iu}N*TlTv0CR)Z zq;4Vf51LU^E`K`;~ycm;C?U>Xs-`nzDllAJHw_CgDOP$-> zuycF$o!hr}t{H2uc5Y~NZeQ=*aMc>C!LDXoxb3cBZVJQI*x5-x=xs*&L9dqdHT%hJ zw-a+W(KnOsUIX^Vw~{5G&}$H`*-UP`mzZ10U^T+_(daju32HR@!`jiP*>7&U-Smvk z^{t)z0l|#+Z64DTWlXYZipXyv-6eB^l%EH4^ng(S{1Cw?Pej+7&6A?*d$nEf*}L9s zrdzfgqwBrZ%ul#mivZtj zfD7>5+BH=p6WvB6>QvZ?E)jKmR(8UK?kom4^7An)X3mB^?Am+Sv2%^iExAU=;2NDW z*C>mrrOk_ba@vv97qa$t75QKg@S@--5xlmuA>-*##`C4MA5V|a|Gho=;nl+^{~GB3 zhuw1gpYCw*WdHjp&z3Ou6P`2RE%&14>z#d!kS{$L;%tUeF8vBOl?a)JW6V2+@&r}- zC`kzAKo@C_PL9q23n{bFHz;8MBued)U znC3V@qn14yMSBjT9ER=xAFIGzg#Om+{79>ic6Z>0yaku>BH76!>47ZV52P!3>lJqb zndDh6yrMw@rwCvIrm>)ja1H@50x-|wIm}Q1LQFCcPYR!O)q?OV!4b(|7&4l-QGhe> z?v?i?*dbs4XD^Rlym|SB)_-r%>sQu)zxTBMALH4g>nx3f+-Ht+t%hN+T16Zv5paRv zX~cQKSWRyf07%T0Pq_zRUP#~<1bi5QD5h%~rZCEoSY&)XgX=iGA`}9o=e#IzVHigU z%uqNt7LeEa_S*|pkFHJ%Q^mFlz<9|PU7nCEMQ{$p{T&l;VYCEXDB&7c=J&+l6fRUL z!~_N4*BMIDCQ?p>uG{`BjtScN_FKwrz&WEVIF18$j`{nB;jq4wb@YH(-!aH%=(ilF zh{cv@wTkP;5%^F<{QAI(zA%*HpTL<4{Q*9K6F5iU6A(rr;8W|9t398Lf9PMWPc?yo zz$Ynxe&T_Fz$e!FD?W14dXG(_R_h{`Lt5-1RaW!2`zLi*eatN9gq3 z0v#7d?opDocRYsYy9n1|nj&_7P>4>_c>dt1?z=3YM-|a?ejVRxx!{!Vs#@cfos-H&HaD3*Dvq?{ciUu{@bHG%9$DbMCSlEdNa0nD)gp!4pSU1xls_iqRf*d zT$Y#~dX=*7oN*$t0dRh7{P*EkHBsHDyqq6yY~ zfEE~Li0?h+mb}*gu*ei)xC>@-IK~L@I0syHUf|D9VMwYuD`-=(hgK(aE6@WP&|{9Q zqYWG1mgH3W1b#+Tu(((zRIrfKjsB&=uPQO4DqpyU_|f{L#o6*?G%oN7;E00!(EUI~ z7;E${P^nxE;#2_YQ$TBDK~-QHp}JIXDewu9ETwY9C-5P{A%)#AO4aHXSm>)d=5J#-QMsD!2W4B zX#b~-24*1lYv*5p&ppr#v+GVO|M4b5q;xW?-d@6#=fKMx<(yRpN zsjw|(zhnd#iqWR=XBtJGxogas)xDB&W56dcj^mJai3N~hTx;V{G^^Vx;=|~p^Wnx( zVPc%ojiUvKaYlo~{;tD3QAUmq%lZ8I1D8J51h=_cSR3A-N=!$u2BGvfdsayII*?`*I(vJKhO!jp&kpIH2eTAH?|~xo>0ObL>uUP2 zB3hmWN;AS5!SZZSzSb2|_W9FxZxzQ@F>g|4_11vDw(U|>x69hh21)G|!~Xu^+A5lO zZm(#IF6#v_gDb{+O~pDP$13YR>0y6&57+%|CMa z5}dM{;QKtw;>ZyZC1z+2Wt2zmmK|U}6E9{s2vDTO?*ss5SxSnqkUD09duc&PB@TSI zaeJ%`~#!OsLBBbLWL9eO6m?-HgFewraX`H=QDS=e0B^t2%$b zYe*>H&qdo0vWCoCiHBN6@{Xd}bd;q>;Ab3$N|(#8xW;G_r-*C(=*tLQgE&H#`BFk* zT}Lf=7#U!|F~4S^4Khq1cg%>u6}!a@gGPABTb5=hY`;cR=r4EF<;+Oly0DX{C!-nx zpSidbN84D7E%fEb1f|*MR;w&iENVm@!(i6jX_*uRUPcR?#!otpLBvw_3d9k(o?)L`4|0Vwx4}yD zi0p!Rk|D0ozeeMCubRn3T32eOiD>9_vaXu#xl+svsx^~`oPXtSDOahjyV3Y5tT)7ZdLPg+3-R5!WMX?eR}BA52o6D%EElW%#pdlQxkR%g)Fn zWPggINX_P?KWld~`K&n@R3H0MfmqH5)n^mp+0GEvXT_<)(tNXXhNa?)lSlP2CUzQU zu^)$PE16Tg<{V+ctPw@|vqny;KE}aez+OF>wCKIerocVmsRA9!fCW zX@YMZbDyG&2o4`eQ$3272tww^5y1hXM=ll%P44sT%z_Cx5k1%i=Xjok2*fFP9mC*z z7*h6@KFms7zdi70j-wGc>~uQKO2dyMFx=bg?`<@Q#bv_=!+60ef%Tg*f2x8P7EWQ? zf88;*;$nlQzmAIB;7kGo^@5B3Jlu$w+qPXaM(iB2xq!^}Rep#OvRb`(Z0?cPy>RWG zXW!fO4$Wec3Dh;}H0l(8WY>O*N#<(hw~ymFA6XRa+?!^xDp9K=VdcwfOsYpk+wGWn zEQ~TVWhtz|skC*;z&SS_;r%eDdV>m*oZ=;;EW-}Op)Az@~=f+wof>$id?-=@5e|;DYHQPE*-yhp} za}&kcN&r=2(B5tHIyJIG0XkXu&499k1)I?5{5>StFQ3WFZ1NOlv)aLy1=fu+yMD(^ zVzF$7Vy08EMcChMGMa2VpgX{?zdCeeon7EOr~gsN{p(+~lYo{2@3U`K5gG+JpVza-d6F$(;1s-JqIcT%jKbqwJR z&n(dhq%3P?3sM7ONEh07Az>8Xa5PO3Ay&ylDqy6!X;m;(3KvDsa5pzrk zmGHi_ELpOyvWO%Kb5Z1>go`A_3ml^93i;wx6#?@&co^ZrrnfS$0c_@HwJ4uSb8cE5 z6cxS*?l27FYemGD#D^hNsrqf$AJGax)c{46FGKr0IwB`=L}^)zvtH=o#LtTDPT3@V zgVkRs8Z|azthU>qGZ;1A5n;(bLIr46lx^h_F-}QXvP}Khk8ZW zz2QN9ADD4}T_@Pb+FsC3u#tH6LJNNI;N9t1J2R>6$z)A89Muo*p(^}7;_C<;y?!kP zu!e`fjR%1_8ME*gFl2ZVOBeJ)fR}29PKZejKEIl>4bISfp%KThix`28VUc;qDb~mBPQktliA|5%17y=x$NqjH};)s0tG%?)%SA@{u9+2%K zJmvkgu{Qo&zij`z*V%ir|9zCl$p6%9!6Z>XnI1E18MFR}JYs>OK#0dFOqa|@qp;m? z&Eh#d_pcAslBEc>x!bEb`&!ti4M`Ai0W+8qkAtGSAwAZkC}U9b_Wp3tVM*by(DFJ? z12Ss4plGb+N=#k$qUFk9+E@7)sjhxggh=|Pr2cb298w-SiT`27wNYuYGy(vS zr{Sn3BvOkP7Z}K$g`wA4NL*N~q(|cmw)L+?qPUkfR<8eUr`H>n^FQtNyHEL_ALZEs zE|0VH{`5qcW@6v;4{L3Ke@GWB*Daj5T5*D+MG`TiH@ZhNSkecW%BrFO@I#EEj5~U> zd~4D_d<237r6i8pqNvM@HU$PUNLOJ7r;=Sshw-4hKj;kh$9wz1UU$Dg=nne*-X0A0 z`-gkIZf7{?cY1qhxYr$y;jjY_`}^py-#rY*T8^$DXmyf>;krp&eNHndN^)h9S|30F6Gm01+)P;oze>yv%J&m zb`HA(N$~#u;bDJp2oJ}dLw|U1IGOlpum=Y|3Xt#b_xIprFd6%Yoi6HkgF`LFJy;_d1fihn-IM(BDIY z?%_eu@9p)wz2U_7JN{uO7GD$ zv!0@~j4Qx5oU&S#Mi7mO+xNP?V&?V^_WJN(90Ugl1&4m;aO?+zaktYM9|nUl>UI1< z5B59zA#n*=@73((LXOnRLz+#4V6cLsa={obJO!vi$# z4ukQ5AB^{{4A*FSGj3a?=Gc_qs+ub}ZUNm!UU}zM6l(%Rr)_uOb&DxG4kl>a?Tz;) z2M`?uD46)Y$-Y1C9>C5R4h|0Y4*fv@eZPCy-5>T2d$2c|Oo9#^Lq9-c>!?;*Z%W=4 z_W>;E!ZMwJc!AOs2S|Cz^L(08Zz$szi8IPuQQCk)%b_U4DPm1S56)sTH9anMTQ;K;(FEQ{H? zlv`U`V@+CME7yvk$qGcx*Cv-~j+ULl7*I7-j)DL{@Kc=P|HSO(& zF2f=I52NHMN_`Y%bWYQP2SqthQre$N3FfL|7KoPP{85Z7_lqJnv$smyQq){K<&4rbvx~>r!v7Ifm|Y2XKUI>AA`FWvFLG&! zLM|UZ21=_tQUs<9B2Hz71<_?H(9=46Yrder_`YbZgqXb?FN|3|{$`^p!s<@je%}$K zLf9p7l82lR@Nl$6?hqjbvdCoo_(zB5dj#M$WYQgE5-UNvyhvFViu`n$WISDoAmuJ+ zVvN~RR?OY|sXRmlx-G_0qvbdbmK*`-`?Mc|{?&l!99bo7%LuX~Fkh-DyrR3z5f~Mo z?8_)#9$My)Myv;!{wcLd&D98&`9@YY_8z&AHHz&k@M8idEv zjeP$6O=}Art0GJWV3+@kAJTZPegoinUJFGF)&mw}T;RmJFDOcxKM#v8y)kwH`UvL< zrP&tvg;5Hm90R$t&;#Q<-sOj4UYNGeVe(k)W5f%&Fqq@0#p5X}VqUy_bNc$|;^pQ0 zqu1|Vj(}t7Ca>wV>TzdyZ__m{kl0}uy@;=)YnTS$==2rK`GF8v8~77Pl&81>%%H28 z4YjpVb>*nK+!>CA2*uGPPUpOAOAp1Y`g-#A#mmc+qc<-{;z-EC?46;B{4L&`!fZBT z>%fcR08uKmT5?pS{HKDsviiKXyeOq#+&N5KAsV`3y;X|x*Q%Hcj(I4`B*ihaSMx(i zxUe1I2@7|hfsC?aHn~NHAmYzZkW&Fs);p%vPFNFQ3vk;=m-fZ=Q=DNRhEn1T!}yxW zHP5`8WQbV>mEqb_KNVPbeMJY?4PZ1yX`Bj`bY;9XUxc+&0*nE-I6clsfF3^ za3M$Y%mQ}f z0)dExaeS30GBZ>hv9ky$(kfA?c|sU2e5a;UUvWQfP{gMuYeg6nNfV>4BScHC#3n-J zLJ&;-8Pc~MzFD`$M$OO`qN|8uY30#uq6;a5Q1-l0RAW)kjg;$MTO|0?`3P}E!S)v4 zcW^Xyvl)`FcUpXVIG3(-(G@W#%rT7U86p=>xO5JdqiOmufnyxvj2=khJY(J+;vDef zyH}MQQ7yjajmz zLp(wL(hpHx&r|_j8zGeMEWulZGZnyx@HpR)FcW3UC(b__**-V6chu{$!nF!3$V81A5%x0)diI3PjC57ttj6t%?jw!5Vlq0gwgb5G`QB zdAU3ZvgJy@w^M^x-h|Q8A;YvemHF^LN2=PEpcOw&01@P)`A zZ@ER|FJxvA92GN-Yx`Nof39H`v_N2*LLW`?FkC(o_6&E{>S<-aD4!p-vyWs`8(pDj zfq!b%25SHxSx^vXDi{P@;ZM?0c0K4BX$Fgqsm@Z zz5LMww3=I5QTGkJl6N3%_c4Q@ZnHfCMOJ#4&)da=TLB`Ra66#i7$Sa`ly~ zRjk%(HMU)~)?K0lr)j*PovtxL;TymlE?LTa5l_@Bqfrp0VsLg#v~Fc~R^KH7YDI5C z<7T?DO=_@YAYB%!PPa7_N<>?v&YSaZO78R^$ zEjuy-{95?Y8lJ>xv4$aOaBj(yIK^ujQVmlwq+JFgViu1@ojA=#rLrvcr3?=1Y2QTl zfBiQ31C`1@?DBul=^q!zr$X#__u}+}UY!f@^pgolO*gDar~yDWfog zcW1BJSH@L~YYDCQ9AOc%)$Ec|YZe@_NMKbuEAcx!gMG4ItL)d>y#)K>nWOum0R4fE zn6ObtfjA6k!=QEqTn;U%oe*$DG6VwB$>^!iP@Z zeAuC+z`ek_JRc076R``3yJ{(f=(`3RCAnJ|I}p(+b=O-Wbsyinyx;Jayd~OS5bkDXSbX$3YNY!xZWC`~iPN!5jJo zu}>8|+1!pNyf!Z*c}$i`iMe&i zMaQggMj)Ev=wnUMEF>=Unb9p>K+acwSh(k7hCD`@CX8+ioN?epH)3I7FL)ja z9iTEya@atLA=ug~?ToXSWW}zi?=b93u}C@UKgERk2QZ|}J7&3GCXf)M$v+g%i0`+q zu!r-)*oQ@WgbGp#%w`2r6hI-3(ocFYA&J>3%w`^Fh7wSk>$dTZYY^F95m4!s3V2$K z5%Aq}(Dk|lw^M<1!Orcc%ze-Js3~zOEy+#GP~Py}PpQ_5sbC4h$}PkiLuLYUGsxQU zr6f*Wygn~a7Y}?NXER~G$E+kNd*m~VjzE&e%%l~Xqr=A|3yH=JlyM-RzQ(L^vyf;Q zNh5w?yvt4zkl7QdI|Fl1^HG}N3DXWMCIgr+$uUYZgeIg~Nj0(oOc=`S&0|Omx4SRIOoKm8^LSwSslCo<01AE4Z3z+9x>Vr}cV$TjL3#w}fSUSj)V)S0R%*<(ZS^^!>4z@_#@*vFdcF7FMah zbt0ZUXul{@xmO$k6$yV={Q1-AE=U&sE|4*}cg0?}TdcNS6@i{k4}L|iT_hw6{X{j1 zQ(yVLCd{{)_C+K8FE|XD)WeQU(NYB@NX2=apX4Z<6XjE<;Qzu@23gGaDSqM4(rU=V znt2y139Or(e`x=mqH`HfF0&cB$O)w!p6FnU3t|y?p4rd1aTE&0hBUaXFysw28@#>MiVc}A2nWM04LArKk zvC>r7dc)h)Ven&=t50=dopKGi>uQQ}<_J-wa`i)q=exzA3v(3pou%o}Pbb<2Od$eCk2Q8>z8(2WO?;wqt*HU$3%jlkjI;g47W=Sqc`9b)*5q)e9kJ-j~# zc@jt9!;A`Jc|->nhT#XnxM;z$_wlhhm&naW&I~#jGni6&CA&r_0x;Cg*jpNvHzBg3 zENd^o>CS5VK8ivxGDRMBfa9B=#JtS)+q|+xA;a@)FxMxM|Do8;Ajsy)gn;d{qc`pt z`d4(ElxM|`TrmQuvOeQOECJJzrge$B^AURz`_5JsZ`fot>{99+{|E7p-?P@=bBcWc z69hB5Os2w1UeIHgaVTHJncq^Tijd78ex79Dfar}Ff?|$|FdbkEboosCDyGH)reQoK zx11Xbn6_#4r`hqyvx74|G*4m{lUUGZ8E)#syhfb zSo&!mJVnqi^ zyRiylKWDD9TqPE#QW0X(nBS>5PVL#8kz<3CxxCA-PFaxw_{+^)uJLIwfu(Bbt`nH| z`2MG{g!?p^zu06JUPHwkuGKWNg6>>~4qGwpG|l2ytm@PH`)~@s7femXRdReJ-V2Zk z@|l+B4!Q`*Te!}F|Dqi*?opI>c%)vbR6SflG3a%)Ph1N>U%E2NM$NpE*H%rYmMkl8 zOV`aWJSL^GCTSV?@HrBlG z`hga$Hyq_M)Ta@yV^BfCpp-ErqtRT~%WCvASjYbUzLnRB(c-tS)xk1ys=43_Ek`Ub zp1OPj$|h&NbXf+v_I&B8BCRzlZ!J)@%vPo@13ze%7B~v<0tYz^>BwAhwFBZ2Lr4ZA zA9*cXE_e~?irrbWpjG33!}h=QHEXlW~U|pvLKnoNgT%0<#|Gvdl)kYlZ{USm(f5qQi=vi<@2KuLxPmyi;&t-l%<%zZKKR@ zb9**Qtt6pr|JA89gye-}$hLb4)dhpV6$rRl%;q4H>nBm zZ9V{`GXq`#8=C zh3wB_tXT@tJ;dW)`7k6gz!BXGn1{!VGJL{qi3mvZh#sM}U~D3;V~DdXL=?0_WEYU! zpV7wO;0V*<_2i{+5UYD(*$=H+9`U|%Do)}sjIUY9+bs}McCia!@b8>t+>jm;5FyIb zVY=jjL`Aeye!NJ-B^am7^c+qyl!9*x8h_)l5Jz-G_`d5W`3MX;oz7e+7w0VT#=(!6 z#fRaes1@y&3hs5@U@-|UMC^3B8}Qh${05c)f)*%+Azd0SJp|LDL>c0$_)h`5&lffi zD{ZZKlFgAGN7~-9vhaF;dLo+lz^kl5(?BEyV4f~Gn#8+8BM|2q_%+T`ddMeyF^}48 z^?F(kE|$eG&QrIDl`GTmxiWE~AV+&kAT-4|zdCOKZN-dj{OSe!li#X*3g3`1@~B?1vjy$)^c+;Bi= ztImZx3ISnYrzUN!s_$09bv$7&7p(;6@R0}hozfAvn&dWmr>EwFKsu}C8N ze~+RdzD6-SqZ)1ByDD{aWokv8O6ldaEPI1YZCl+P^t5A~D>J!|TNQEh+~41>p&{L5 z&nObgRRdtjJoF|d3Z8|Fq#PD4j>++0v|JIoR)??Do)5t$^vrv=;TBr`2W1)t?X*Tk zf*B_N0hmr1hRWxQp4c#*dQ#uyGOY*?2_9f(x(; zEKiM6&$uqk6@PI-6h|5tC?lYKafCT-+glLYqHZ#&i!S1r0~q=?>k7KX}UN3OUgPQ3=5jPnR zmppi`R^Vo5gnKmFJOki`T0+jZ>$xcrZ_W1r!#oX>Pk2g1`w9- z>~yXK9#-XhNYHTLqKHy3DA)FQF!6EB0@llQMukRZ9?Q;lqRlHrPw7{P(0Sxj5l)5+ z(OT!Nm2r3}4PAv^P%KFL#@-tqiI>at=wrf?b6~0VO?V4Fzz>oa8z`NN z6bVx3D>>om?63%2QP@$JHwbU-j%)_(VGKu`?aIiw6x>A$sd{*oD)TN1jX<~8?{&4e zHjID~vqQ!N6xbHAD71F80$W=T5|x4hPSIqvD&fH`qEZ+Q=s$`m6`()tcJ}!^&_XU$ z=0T*Q7i=&Q3e9?*6E)bxjk@HSRr0~5oLD&1#sTtHdDL3`WNB@i&nsi7o4UN#I=xD7 z&dp>pmBhFZ$O@S(jHg`fLuNQp;RV9@3U45&t(KQ$`>UiSg=14u2{f0K6l|-QbW5qI z$en!~nW&Uk`Y|LTjlwp0s1Q>$4>CT%-krUsy?z~EVfKMe4%67;LV1<5xieMnV_X6d zwM^Ke7hx>DgOt;_5OQdR_O~7_U_Gykj%(QkI-9Kvm55qf7ipZ+DZpMwDyas`aB+>Z z8Iw6qcbIlO@H~8xN+-d~c{w z#+#%VOqdEc%4ATN03|4*A{$18f)cU)ixkGHz;fd(&(^ex((6b`U%}WSamTyp2w$ z(-{s1?B7nOQ~tNtAMX97JLv9p`}>1_xBHh)uQ%*>{{lJ>*>U;gB!lT+I(KfX+_|sh zxw&b7+hY5K3beqEE#hu;9OfuVal|8Z%!+)vNzCJ7@%bR^sYE0qm=<|qi{z@N#NxHS zZGZmUy17v{MGi0E%@XJU_cPt1=~p}f-g_=pXt{Yk!InfpUi8^4fy`%j^js$2R8aZt zx=iru0MD$+54X)LfBxKZUAF}jEDk#(pkdcu^u{QI-PRS3f)S`$M6Ef>AU6t5qtUabE?DnGdOiRQtdoSa7hQ3`MX|lPsp)@V zCPfc#f(ig=xZ4JbQx<$unhc%R41kd~xdw_>Mg!Fq0Q4NobpVPo8i2k4fU*?(I+^X0 zZgtvbNe)*icFx3gx)kNb&*ES$k{l+vdczwyTA&n8k=Do>>aN3xb_qp+{&QsyS0tRi zWhdu_7t$U2*#Ix2tMZ2{IF0=KOEcZy(X(d%hhezcUT=HW?Ejs;UdP=3yTiS`r~Us? z9=89BT)$bmOk%m$SGR1gU}wq!b}mj4QwY%0D^m@G{K8hHjT=KM{L4iB{Hi;U8iLyG zABLg6{kOjbKZ;E4LctHCKtIrkxYysdb(x{Gf3aMhV#Bh)P0?IjFGw+FB{X`JJ=YjXuIJFpLP%CM7!r4IW0#;L| zZW;4X=vvG?sI_6Nyc9-L1fJ0fyWm;jyfb>PgoNUyDclsLD@O$(@~Z+I5(TO?;eP(y zQl;D9@;E`-eViU&sS@svyP_}x6%C3Dl5)GA0ja=IV0lULqK#MZb@Yl3r;^b}#gkfA zc))qf2AG3$z;=NBjE~PMKa{DN8X%^QWpm78ROTbsoVtF z3c7k`Osm{b%#tJyEQ9zYBs|!&ZvR&ia_=Ajtl9tjgZ=XTPp7-T_q6{%#&etfU(Jd8 z6#x|2CK7-u{3HVW0Yre*c70>i6jwJ2jb|iFVTPtldY+Ysa_0>33Fz2>s2cj+B8&pC z9U%=~0c5B0B@ROzP2VK}|Ev*h0&xho*+Q8B=OoSm1PkU`r>e6&-E`di8x5@n(=pW%2W7PcqXGJDRZq9$6nG?0rwDj?1Q!s8a2z5<0;7SE zMWoOw746UA$9KhhKKLu-2ooa5Mu&Ay-!y4^wXI`u|tLlVPRyAJhqPV!o_a{TFF68*2WgcZH_+m#<1%e>q=k zbpGPArtz0>Z2JB{#&fD_^10X$XC;t^GGB-fOfSD(W-}5|k<`)w&vtfJY5z^k*XsV= z+bRFm@R{v3Rs0v#f!VScPRd3Ov!CKH zK&hj(VZ-(z)b*uRui!` z@}KY$I*mi@FK;UauCxCb4u@s^AAR*C|2@LP^nc%1bbKfJxT`RlGpPK+1m{;-@>!^* zdgY#&M+t-HsMV%fp_(&I@<*WvrxmYGhh<)0N(Z+pS z-yYJ=4M=n8zTZ}iaYGy8p2(>H@ruo4Wq6V?G@$j(wr8z z+X1UvG>Wcl(*RR{%~wW--|W?(x>Htru!&QdzZI<0G4$)^Wu-84q-vm%UB!2&JKbCppQnq^hjFIg{%(+q~SSXD)M^H@^p{2yNKjkPK#iGBKHhSW^h|?5Vr5xFN2bWzxD!1-WZ&|Ki1W&dS>*hj*^yE zyW=+c4Qwj|5rz)?&eST#NUarxfknbxj$heVNc%Qr*}Vx@dzZ;xtAWi>y) zIGyHog1dlr(``su0 z|0vH!@jqY~YWu_cBGt{k8iH~m*Pt^FCk(@IJ+NLYuog3N?hU6Ncrheo^A4Xo6B+wVu zpJymUkRb0wzP6av+KDT1Ey`Hv+N+ghzP@wfn*E<2%DiDDD4->RkF#wg2r6I%WBPe=vAj|Bv!i^glA0(k=BpN|C(E09XcTZ)*Q5Bg1PNAo;3f zUnl2ljeVW?tm$qfoZH0vkacUKeH1prMzhUrgk@)%+6bGyd!YCrYJkn=nyQJ4>YG}A zwlvF6c`r?j$+~V*uCn$#ms4_`vFD1pST^=tGZ`z!o(hKtvh~zZuQa*J)Kk{eO+8B_ z{c@(Bss~S&p0|0L?f;OUx^5{3tdsxu%lALMZm0L;|NSVBCjaZ_>y6I=rtv~mcW0LH zL`Ln^=LSPXU_C#`-MO-LRt^$7b(lnVkF{%2CX^bf=xnUIo<@$>_j~|ZxBd$=iQAt6 z)~x?Qzt=6>|Mds^PwW3No?FC!I2Uu`z9T>xCOM+WvxO4X#nMt=Qm*8aF}n?=pN+AY z0VK3e{Ek$}_Z2~672td1MZeP^5Jv2RyF`L`8@)gwdca5!`ci5T3Lo>j6LTKJiMO1IV3XC5sdiOob9*Obol3ttx(EwyX~Gy=Gl38UwIkbo2c zb$S7j59duBAR{%OOY3g)ri&t4iUa2i!Qht^XXq`n@Yw;Mz;Ai1hk+@=_8XwhwEps; zTpLacoIQg7W3+d8c=#iBY^~S~KRGn69&*4ou-PQhfpn%}JcgkIo>gpT|0t^XFY>IG z|G8~`Tl3XuUuv!w4NnB?^8aHzT>h7$e-_KA{w4REIBLnT|8fbp z0gi-QC@Qr0HR1nRzUB3?|0{kv7Av5744UYNR*`d9qpnV*3c!kDwf!x4 zC2;4L8b-2XsdYv3BwHH27dNC$x?X}=WLPS+;UzDC0)EwK)Yb!SOhrAurOUD8zs%ti zB{u2+w`)6B@w942QGi}Ogu0=!aKE`iOLdtdX08LAEX|Pv9F}za6lOCAI4*t7GA%iN zPO^CJ0B51$CNS7pMY5o}2BbD$Bh$*&Rd^#AZw z=IXkXPosq|^*CA>9le<*8eX>ql4TWdGAEheknw@xsKXOyi_2Z`Y!;JDj~ykTvwYjN zcYNFYM8PV1JezQ5N1L5uw(`CxdN>phM|EbW<|3`>T38$2Y1LZLf;-(|E!6$}rRAVM z>vJ3VUkDqGF9g=v|LpIVx zhBD^Hi2kBf*3K!rKM^U=m#nEauRe)WZOp9s)}6YGN}K0^l_s)|Am!CAc(!1KtoHrN z(&2^PNxN!@?ee3RgrvhTl9<~3!O;Ggy^aS`RqSFS$kO(ykQM*46`L@CCUr`FVkFb(&>x`fbAXeQ0y82?j zKfi>PXMU3y6?X;BM%L_ECXDjFBBX)f)({2h*KWa2N50?LvpN6gyY{{E|9<8C*Xca@ ze>}>g_`gtRZ>MO2QWW_(nu00L3gKp_bO;1E%3|#Tg{#dsxZSa9+#h3y*jU!%8=)nT z=LXUuhoKBkZUMnOxRu~FF<>z^FT*%NNcL~y0F6LzZ%8+R49&&f=7KAJm7@=pbFw5tB(SDWHbep{pV zGmAA*`k6IMmEXoXKLC7~z%dSShNZz23<7B-<${x!7nesb-n=?#ZJ;02!e4%k+CepY z?n^hQ)8pYagLDGJDBuw)+G8BG$&CH&`s^PPB9s6eO>l&><$9#=SxNJN&xZV8^>7ns zkTv|jv%hE2|2+ABJjzpN|D{LreN5x8BB*b@=~pFGu-))Wb>Ts*zHHmv1KWHRv{`BK zwUIF1X#L9|&`kalp;qrv{u>O+{$Ksh;3@w5qdZFfQ&GkF5O1jSRe{B|@Y(eX*cOJo zR%Lt4Aijag?ftY|*`T4b-AH3A+f}G9;XE9HPy9xQ9o(e^ILor+GGtbNmkGN~JnS5F z#K&ox_~u9cg~__QKga}!h#HBk1y3Ic_r6|3})Cj;nOa~6DYdqAeDREzidYv8*f2dz$b)%4JY;(i6E06BX z&)X>T3%+Pb1y04VMRrCO6ObzABK0s$!;$Kz6v5za6fQ>~OZ8B9x3tV@V2iVIe7_$3 z$DjS#aQ{~$e2@B{?tZ@<|EIVA6#wsWo;v-Ho@DAV^*=?vsSS>gcKwfjqP>6pk4?;Z zVEs=)n~gpG)UmwY*RLqjsLw@`tV%}(7^9=b>y4fL%9@G0d;O_?EFQ|$ue8%YxWnJA zPp=#D|ILkm8tDJ~y^8*S(0%g%c$8k~{XfQ2C;y4$r;jQ6u>`1^)VE1u)f<)k(uork@m#96 zPQ_Y)0CoXIHFk|tG|gdpr_8T95KDutMiR#&iKMJy!GwSM0f!>e^`BMU{q&Tc#{6Hb ziS{L*v-f%a@9q!E^53xkl>h5do;v<7-GTUM1Gx!66~dx)qz*C3Ks>P?ty?e(SWRg0 zE~1>2>z^lh{pEt<%=ROHES;Dh;>0i7e#8U6>g~qoeR9XZKC-XmzJvKZ?KQuzXLJ64 z@9`h{`@=H-@9zzs&i{|{RQx~hdi`tRlEv+>_-MQQ6`$7J{Tij3T>Tmq?iTD}1H*6m z=KO!oFW*BC>#kT(;o+}|Yc3gR`&T#&&#!Uj&&<|-cy;#j zm!sFO_12uXCyrL+?CraYmzQ0mM0daEb%$QZ>$JN)$DZh#6SHPgeB{P>Cp>FCxqNlH z7?_yxW^ZnoxFw?4_H1;i8FDowc7oV27#7u^$?qbsK3NQTN*YzddK15etWGI0f4_^d#HO2};>=-&tKQfrMPgX}~Fi zqQwtsJmOr^DDHIwWnZXnVo+>EG$dTb+>m5Z) zIuB!*l%}L&e?jFNS+j|~11%fk1&RUyL+0lKd?4ZwdcGJ|d`&pf3_xsb6%cFM}KaF@q_0qP|gylA4x1Ydx zI6#sA`!I8Ay#AGvdUFln+VwxI`u{%J|2)o9r~ms!4)?ui00qlf%{R1b5W9A-!0C?q zJ*Bd%m`9c{F?4-951`@G`rO#3>t4tIHtT;=4bVFM&#=E&TK|L2;3@vsqdaQ=FBaEb zH9*$YQ|N%yXPXvCeO#jlDwS)Z2`W|DL>II-JSb^{_?tWHgNj4R`ODLzv!jc*XNJb$ zznmwPQB`I1RqBj>e)anG`7f_7j(;*nn3)0As!s+?ePZg39z>TiXsAmW*mWt@PF}wJ z{~y18_u}P?lb092ygmE*{PNZ5`$1(oRpFOt|Hs!uHKg6JM7zdRSwES-7WE9ud`%3w zo_79Bikb&{R?B}P_Wv#Y{^hgI{$sx)|8)o5r}N*VJS+3R!cz8E7)m4jH!!)^+^;gp zL@9iLV7Ze#3}t?h^*U&`?9=cDCbD(`N-I^#G3%L5423);GU9voJQuo4zW&{-`b3y5 zKVOmS-(q-ZBCZDbZcaKSQIWa0N(AP!TED6E31h-=-G3z#vX8T7&{x8!G-O2!bHUIB+1{MGR zZnygs|L;+rjrsp8kvQrhxW7sv^&6%=gPlwtfd(U#Ciy=j&e^aC{BH zXGx0ZFkPODTwkN-V5;drWeTv0!c`@x;MGfN)@LFv?Rk-{xo#}W6e{6Up_KW31;s2V zR0(G()S!j(s8?E(8O$gt%kWrA4~v7pnYvD7{!ru)Wp-{07ZcXJiuu9t;cYS?O309?S5n2xlJ{R)VxEE1g-6A7@u zN%Vy3v4g24@4pdTut2_mNqiWhVnZOHEihfMR<4UDz$?(HMUjy}E2oHIXRMYHRX@@^EVRaA1Qr(Z^ARgrXSr!D zgD}goq!?C~e^w8ls9lNh+_c*0DeoR7*xRICw^}0+!mCB5HS_BllcJI*+KR<<#Wd6_ zCGkd8d~}Sos_eHRDO+$dW-h0BB5y_*%~?cA>%`aRy5b9^@3i&>O9ypxQ*gr56ix6) zhXbddZD1>y0WgOC6^eq9@p3&9K;~#JSJXEsN$5&lz*0I_s{#<^^D#1dY^{+zhvRxGWbK2{J))Y{I5>0{}liIQJ#(Uf2Z;i zIOB0&jzfs&526iB7Fs$ei>gi!f1rhpSgot8(bSb;fm&Uic@b>f2|r7UH1^F@mG`6C z6HuZ!1Ka2~dr8N2N(u5MvQ=f4{IasiG7*a2C^5&Inu~l-L4o-~BkUN{YN? ztn;;}$Bhq2(DxA`Z{h%{jABfrSG`u>_2b|fg268-&d}S)M-DTc*F-GCxB{?9G)OzV zkStD_d7*Z$BKSW>1BZu)KVqkRK&%i-fZ~kF0o#Dc2?S!h#6TU0qA77t6H_h%FCOg+!IURS8b3L5#vV17TY%H>m_NN#eN)`L$L## zpDr#=&y~V-wZ2r6ohK|I#GfHbr&*RI#HL|fFPhv+QMw(cTvCue&XfTPh(##6}q|6-NB`@&p_?v#|)(rWcSUEjtZMyq7-|L zw34Q_Tl-MG#IUyZ>eN|N@^uV@?_mfdAEm4DDo zp!`ryiMp=_bytHh8fW`hNncO*pj}N3ZtRQ(%Jh|<3ybNP4Q-~Ut2B9*Bvak#6)&|N z;+gKoW3;BW6Z0brFG1OiS%_^i4!hp1`FLLY_2T$cyIhv>A*stZ6=x-to9@hn0A?NPF%~vcPNHjBtGu!s7}gPS{LLiZRfO~*==*0 zU$;l7c30Y|`%Jfy9kJF!>_I-UKR z{j^qyd>IA&p8CGU$O>slJ|;*y+Cas4l#d`ztUIFIdNp3NA-7q@Z+O!-o>MTBgN}Z6 zQon}m7o2~>yOpou*-Za)$?U_hsgLyewut!nYz&euGHueqxjTgmEL#bq!X=IpE961yhy zcL!{TC^BK~=xmQUKW|H=%t_4IHq(?z1Sxr?8tR|U-^f3mzdFhsf$lW*2CFF|lqGW` z$8|I_J6xifX*5l1IC8Ldl=#KxM2VmRhv$NXn-Gu+QL?_FfKxE9(2|r8{{$vDC0V`g zv@t1hk@c+U7-mv2TIe5DNf0W0@!IiHsA9ANqd28PI z{2Qpc>5F-yiI+F`>>sj9{rq@N5;xMFhU@+V^s(YZw9U9!`K{n%8Wd)=M|t@(dQ7~; ziBt4ZbZ#){YyB3-VOoXhZng3-o3Z!p;+<%?1WH}kvpyL52>PacKDg2CNvCPq3RF%4 z`uZXX^^*cUBd{Jm2it{}A}#c+*4mPlx5FrXD<3UOrA?C77=lUUE4GgXNuPslzWeY( zJKXB87UrrWsvbjxZJlPK(!e6{W~Q}Fr7=<);0UPvJWBId znx$+wrM9&^w%Vjn9Me+WK3S~IF;1t06%5ft{n94)v=y_hG!8?d zu1aAP9EHgYp5$||ryJKuBuWZsL-(w#?Ky1?(;QQKR{AC_#yRnfZ+RM4JRC;t_TLtx zzb&{uomR@0Hdr%CV)fv5VT8&2T6v&3=l*z=(9I+40mBHtl0<$!CNqjMZ1jF$&c+ zQnH$r-b1y;3tyrg>n(6I^i14t*Q#NsWNul7>Z@!bB~Cg8Xcg&r$FwxsjJgg(kawc! zO~w6c$7)w4%wH;JHaacg0^*Q+nA5|9$f8@Mw3C?qGx{6(XXF6KbzQd8ZXA62nc?u| z-rRtyub6%jw9yvDZ39f(oGc`23(7*``C>P*6N24M`#+;4C&VX^#phXyqiGRe+Sp_$ z#4EI11u?}7n4zX1ZyqB$?bGwn&nEl-EyMq;jsM%N=>IxT`Trj2k@r6-MhgTeJ8e&( zIP%gl#}n+s3;|3;OCrQR5}O>iN4z-Xtfq}>&S<}EW8bi@ZX#X5SglGq=U8=5r(~6h%x9+qR}nEPqz4jw#$H-LT`Yr!6C6F+E^ z<2p{S!Wae~Nsw^hZlr!K-QwVn%5*czP&$D=BF91kWi7F&RP0r3`H&yTR@NB)GK zrDe=@*5toq906w+IJbaZqepE@gAKd?1=wWc^=|~a+Kd6Lwg2mND)xV!r~Ge^^6(r> zVHjV7pYt&iIx>;*CFXk207YKy(zgacyDC8G=4sNB*gMuMY3+KleYsLKKqbG$lHdz8 z8%CHUX`G~(3NMA;kD1$*qt|ZKD?O}R(JAg8>j;*Eqp3$35{}!8u4C%A37RiZdK}La z7Ju*WU9WrSShR6#De9S_90UeqltH6O>rs<4{2B7E6fsD~+gol%jw0BnTe|CQ)+HlK z-p*xbSz;*n;Q?>u=cAxD39_7*HKjE*undm3)IOyV& z@lV*4S&_n%eHWoIYp+c#oJF5xkioU$w1Jk6-1U$8H0J+& z9z8_-m%;viS^n?r51;Hm9_3+t>gC4-iX5xVl_Q?;@GW%YYuS^|STs`s9{=b>x1uO} zsc5Di?@LjW44V!MsOMl?`8HcV%VPuoWY}`-)cTDSrxLb3Futc+kq`~D5KGhSzC6t% z9}N5KPdq=*ClmY;IId%t!du5IVh(@`gGnBSOYmC`Lp;HBqev1qAYSVi#G$kD8Eu0O z4gq82!<-;M;yGdmIL_7iFitQE1MYGZ;yKPxz|-Yo0=CCXHpDMZ&S_a3O<97*9k2Cj z0#d#Ma3CUwClRxOy~83G@EC!dP&^5M40(a=>M2tg32Dt*_qY438SfZnK~l!HOQ+qTZurdL~V*wekf!|I=$I67i)%>V$#_f<|yRclCD7O zsK#-`--TqFq9kPY_5ara&ZVlb{wtc;bVa+DRpAtXm{V zD(+J>1mty?ST|%zhVo7PBq$dNV0JM`(fW3iIUFfQJv!A+#m&bk zOUPzf9K}{#K~HLr-`Qz|{D2`^l9VD3T=Db!aPc5BPES_U9k z!vx2miu3p{^d#_6-F%#c(E49v{huPXI;i^R?(@I#pqBr!)BAG%_b49+%ZiycBEQ?;f}c=6m+K%Q z5lqw;r~)Ol>7cSb%4bUQQt)lN3`D5#xxQZ+0t3~>ijg@=QO;LhMkt%-i2jj)3{v`r zvj4HlH zj+@5oUuT1SaQ|uj>`NW&(q>&Mh= z=*#!rjO?ao8{VdK0zLd~Q?z4(s@z_E;+vLF!~0J7`_4ntmEc6SRj4>tfrVC$waj8v z%9OGQKsnB$V1+CuqDELQWR%y(^j*D98)j(fDRd%m)IES!?uP_ZCfrNMx(J$amFvXL zJ|OO^Gqem-tFW2roU1>7SHFC3ia6Cv`M&H-^?cPH!x*jc?%~@pNCuD{<0D&s<|99HGC@sksy=$Osc*0~ zNiaJ#F(=Fe=Gv+PP$k#eu4=QqV{1|q>{8Dx3=O8%nphQpS5BwSOl59XIGrD~S((5; z?~O|Luz?un1l7c_9<>6{HW92ETeDbP4XUm@)z~R|>(BOCdz$8E>#mOLp~S5R^23Q* zg}^0dJ-81Lu?CX;#j9Q@713(_{K=>G!Nh4D-h+rz1=b-(>j?J~p(W(z;`6B(M{(&C zCuojhAd;G4w&9inddt9@1xihQ7OSIUL$X?jrSk1d`F3akuAQzq^jyEZsX`VxT@~oS z6-KT2Q}mL;H3D>%WeHlMl)>a#PF5KOi~w=ow2;|Y^xaB(+YnXN)eGm}0WRXfaCBzS zDi~sJw+X#LFhY@V&^&otH9it(Y&TPS5H=Tl?!K%v8_vj?8p$w+)tnIOlgxI6aU zp-?IucadfM7g5}fcWPctg#*Zb%vUyajlP~b(CdI+J@5YE^od)}&#qqYS{k~UYx)&& zg8}Gv#$MVYvYg^nhH^-EE=&>+W9xm|WM#U_N_LA#8bN0Bw>9I&*cp^=S)z5u070F& zz@(#9Q{_}VL%DtEM5>nGf#l2~;~VTLCV0z}@7h;BQ#G&b{cc6i*7|6^u4{dIfDO3Y z^uD5`ow4=Me0}1WO99YyP3Mg6;Q+A<+WF^cAC~ATJU!k_0V~O@W9l8s61@gI(c8ro zy^rOJo{tkOEu~VxM}n$ZdE2-{X(ggf#qBQA$k+B}|CfS?;EItYWH^FJvJqG=FRp%n z`SkYp@1MVX^83xx>z|)rKCSQ7moU4CW5;eAttcZ)?_(kRyiemz3YR$YKG&$9vfV3nE2>5ynN;sbVN};m5u_q=N$3X$5ZnL_Uam~N1B@e4s#6*7p9iNJqS%R*9 zz6_kCf`Ezm+#p*=b^h?e`|)ZAxCNo?3bKWrk~^e`U7>u5MZraSBVc&|*-e98@7AQT zreG_Ql1y*=gVw1%Z|kzS|E-Qdd&~)JOlWPN*g=~ds~v|MQ?f{F49UQ9fJizq19ZRDkEdEXgW0WeoT`naVQo zn1Xzj9!=4Vd<~yrwRrNjDyfAsyS6cvYy{>gEf3Zwo1*LZB$*>+PT~Y?Dq}_k5;lqccmP&72 z8R8=V@Dk3|{cqKCm}EFb&-w3Rjxs_qBl!k=_;BuN#9&cX*qRcRfq#`=(AN~@=b$5g zC>_%0QY#m~!XzPYuJog)G=h?I%r>Tipvz`*g+%`iKnq;FcyR$$AiuSJcHGOhxkmh&r{=g1kvV>lzG4XXnGw8ECJw zw5>7xJBSub67%Qte|uv;1MlAh*(cd%2C*(?x6V?PCH7R@I^B>JpZJvb^W_gW>jAj9 zd_n(@=%gGKgSUs~nSfOjlF;q57c&P;23!{$X^bf5p#!`k%TGjPkwifo#|Rx}ENzSIz%6?he1` ze~FJR9>>95YG_i6GX%r#`XOTZmU>BfY4TiL zoz_tgRR!g^lFq@%_G7=p;QYi+03?3DS|!O9NpQ5W)FJs!Ry-_q0!yb*dVxbpP(n?6 z)Tq$+ihgpT$+1~N%c^Sk?%fvMWS6aI(FpUo64m^#hoJ7^XsgC8_!Y`Ml(ia`1kX^k ziM0Qs`1?(wtzwaX4Y`ZVv*1Nk2ul%N_^}QB( zrNBF@z3z&Qvls=XYY`b>Gl>y3Xt__+Bh_F1%?uc{*vV?{;Oq*7${5u5ER{?mxRTk9 zXoey@+X#eh34&XPC|%>6q)R>`I$+FIDYE$Dmfa{_JItwjzN}=W0n2-?FUs`|JX5_Csk+;eeY{)@i_+5+C8>WS1wC6=@rO+BfatkrE9%w z)K6m6L)$eAlqfgEaSIebm6F(!!{s|p@oVx5a7z4^N8a05cFK91ah${A$-BhKZ`R+2 zwwHxmL_Fw8sHJxx*rU!_3OX4zHQ!9NoncjD!y2bAFGM2ta*B2z`0CTl%f0woKyA- zW{V$X%Ze`Md7-}T*;!rVR23Eqi7dG0cp^9wBz!Xd(CD;#cQ+b{&@(4fW;Y zeVcBIMO)*CbMWhL4~WX_J^=dL{z!~J<)P}0zS@$iGEt>XQGMLN9XroqgsxDIg{&ZH zEM78NJgYVE@IM#7#j#1DkZsdmYXLJJ(X&U6Jj}dM%o1G|siu)#2fp2+0^lg@V zRa@~MZKw~yd$3CJAK*QpBxjgIfK^Zs&{r|0o~f*t`OiKh^{ESaTef=9(%R)~jU^132Ug`Z zP`}ByTl*ef$kGAmEq}Y6b5&ag(CdRW3QxFrOXVFzAhK1vcRbRvvfdW_vj*AxHFZ9%S1Y~l4 znIguC-Uzi;>JM)qyJ)~EJ>l|Np=GCJIbkFsiS?_9`apjePlF$CZ?6Io+EM@g#`WO# zQnZ&RBkI?4aC>=GJHaWRa>DBb)o)|^fm+-0165q#Q~ryCk_WE;-5-r>@t?i^m->&7 z@{#giOe>I;1~ExNLgqMXCiT_PS#jSc%kdKC8(kMs+2K`TUo%hCgHXL*)VMWa>Py@~ ziB8@0H8GkSknx`K2iT3(zEL-p5=d!Du54D)b}SF*)Klp_Zq%bdr$w*OadP5Z#9xci zz1?K8u9c8FMOg;5Ify1N)pp4LwyrP9i8aNaY*gD_E9gvY`f(5#=0XS5UQ~W&!Aw?E zsX{65?N>`c$!9b}kt+nEXYH|-fY>sUsKNr)#J6hE3?)h8-bBk0JtFUKnyrG1*SD{N zT4Tq^nb=E-@4`|kiRFPPHvjG9T22a3OI}v#nce{n9F?uE`h-7l(-|xn%bp>29=K+$ z+FEN9nTUJ+%R10K%j6xJTIjG30F4%iD?B9#L97>oceF(xSd`t6=ze=IwhpN^=Z1RX zz*dZbP-j#JoGQW`#4*}jCZ1$0=0W|J@U94njK zaf(b3K`S_szJSUt%gPPQGN4)}#D{y{JEELG|s9nF5dF;P5tSvY1%STUrr|;=5xsYzpn#m$NoPUj;ry1 zy}@AcW&eMSkMRHO-v1lRsQU8b(>PM6x-FE-Gn1Icq0jv zHn!K%OP!>2S9JW>HO;~%^)03hr*k3bZ86vW7F;B6;D&-MM>CWIm;$>wo)w97C}KtS z_bQp+Z9}=E=63sA@QN)^{svP7BpIS8JOWogUrJYf1#Pv5sjC`!Wq&yqP6XdeLRG2z zWsLqES1M&UnH4X-llrxvw0f>oa}GQNK@~;Rhr2q!Gm=ZM;x>YIzTr|z%j+EaW%hHa zmPn^v#Q!WpL<@}eA%*sjRn`^=&@yA2Cpfp)m;TjCzhrBACa5Kf@v7!2ED!SvaDi+Y zIJD>O7%2V+dV!a?daCC{QZ#nq5npxN^GbIe9?e00BuQRhFLE@C>q5bauZg_q6IdCO zzb4baqlgtEt+?)2aIw)qoaG^z-pdrl!cOC?uG!c^UIOr9R=35BU%m!4lWc3JivvLU zUGirs{td`ZFR>gN`Ih|q<*s*a&9lxoYH#_8#Kn8YPv`Y43A+IDQ7+5?@#WlLM@O8_ z$gdi2U6_?rllrT~mT4Wmyck*-xr#q3J8AKFYwvWc+aft45M}YV4AkzP$a4fs!04bk zv$51hZsfs&E6T}r8Q57_zD9y9E$`4QntARX+==%QpWXVu8718QUDcX?u1ZZevIKVM z|HE##mjAIg{!;(_Q9h3RkNPen1(0j-F>_%LMd2fvEUmN zV@9=JDVWP^KkTSvULJ+cxiI0|S)qxoTYp&xAiPH60)Hrkd7wZ9K%bKu0qYvPX->3S zM=--GMbJ4|caQFI8lMAs3F&Bw7>pr&eA>{UF? zadXci1Yt6$jA*|;%@?sH{J%Zid5_)`_X8@vG6qn zR-;i%bnDi3IfQ%(iOUKvS4%MLxQE8s$k|&BSd0uxBm4Tezhfmf*PGTByvh?b7R7Pv zAIW*U{g?ImU)KNemvu{FIq&y7BjIwdE->}~Yl?Dt$z2g`uT{@mPauO+ND$r%@971D()6O{S|+E%zenEQkKdpwOQki<{) zk3?Sa5@YP(frl6+sT{t_;2$e=^v;m2>y`>?L7WIie_KU-p_${yAL!H+KN;^8fV*HUHmm@a6u; zqkKLu|DUxn9P9$DYz_@~hsSgTK7d=IcLx({{?7GvgY;_Lr*&*08}YODvi2TRzd;cWam9Q1pZ?Yv!m*ls~P-#yrA z*pzm^`|zL8mz}P}tupap9EnXJ`h1C%L3gvt!wpyiucBe%7(F}Cx99?vnV^cLwg;#^ zor~4!ISf-%7vsZV^EnzhPkcg@K6m4%LF;xpes&^s?|yl_k)L#_fALFx>}Oy5Pqg1F z`eXO~|4zRe|2^n*zSw_{^7*{%KfzreWBLgIPODFX{%09{0{h3?d?gsa+4nFOp1`!t z3bPyRu$1c14zZ0KD7V=>JB$_q&D?C|54C+(GLHDS;qGd@@hMb!#p4g7#cu`HKyMcB zD=-IY%W}B(({2s2_lDn8r~Mcldug&Ci)b(X)s5_n_VmB>vs?dLF`Ur$?G$=S%*l$N7l+|7*NFmv=yLg1FHCZpnuwTA*`z8BAodJGw?}m8Sp#N@fhC zBt{oHb81;P;K-44-{2ko77aOoB8}2L+5{l@;nl04%#U;|a^wZyUt9A}zvDfH0{(C$me)qQ%p< zS&n3yZS%xd7i9~r1kn6LGOkLK{2V+_jh|&V&uiIRRAxl^*oIWp;B=OStKBwvgYbO8 z&Oz4_=aqR}z&!q_dE@{-?L0~h{1tsQrTH|PS%Pm-uCLa#{!DYZW%fQ|;)*%ri#-5= zTrHnu1_QfZ75W3{i)#X>c_FNs)CdiL#zi50%}MafK2YTw7F0(bMVAE3NUX=d&Hqjr z-hVza5?AD5M3xyzQOb(BKyO(Nf8tF0LK~X8SV859xIM?vTUOjtZZJ;<35CI35FxH? z>KoMo2+IdW+ZqwZE22*)pib!FqPZM(zNq!W6DGKw6TA@H5~aMHS-ZF^ZTE0#4X+x- z6T_bGc0ldMa&g;vnX!#AXeZUCg=P-3EWBS$QJx}(XoyL>cEMa(Sjk&EdJILDmV-|C5Vbdq8x7m_7Hghg*%-uJ+Ga zjperYc&l;$4YuW8bq}}ZY9(kJEx33egp7o2fn;kC%o8$&iP$!`2ml*H zu>+Q|+ByS9SYR~*xyu(AoL5@$U)}>oZbXXwqGg!`=3HzZ6-)xqR?EQ{yeA~OM>!B- zU%vK&Q_q4*rEC<1oBWk~_EiXu)aLohzsG96jjyfP_;1oqBL z_tgKacT&!pZX~}qnL>-I2OL4f_ZG3UE@z?gZ`Y zuw}gJV#^W@Fh@nB)&*ed(5e`Bzu~}H)Ome-$z_>QsQXimRvowMeXWw2tCf2ob_~U~ zSKm4E9_m^jZZMUhI`KE8f*(OGHTuJhs3*&_s~}F1qQMvenbS|0V~U=Z8PM|Q*^2)u zpT_$?%aXM!FuJb>uuK0Rb*k~d-Esem{{JYSz4m`@f>N0lafM{2VpW~5G^)d+*A&jt zxl0=;c}SYGr9vQncB=y7r^e=T9YsYT^6pv14`pX6o_Lle`iXYA180s=`<3HR`}gHt z{1f-vpHZA$@ zo#iB*CmWC>PCge(F<=D1HNkOx6e+;s_$?>#O4edT=^E!GU80nQNB@S?837B%GJ4)_ z$0VZR6tfgAaTt+hyR7QpUXV8}M%pVOvl&d|mcr8FSXxF)GxqoM5K3P@kM?oN|8Rkl zB^Iat4}xR2|F`1*=?;6NFZq8TEO)*rC_?kNzA2E2BUj%266Ni z5I4nCL48KLO zOl=& zS-6ZJ0>}3CKj`(U^`Enxmv z;8*ka-;T8|GRJJOnhGt12YVCU!5{Ej-aROb0*N9n0D>HeJBBcgxz3m)-gPnq5z1MMs)K%#>Oql1 z(c5z0q-tcXY68cd+N|pqdbQ*&9?Hu3*l&P`X%93?h=}C}PP* z^}gA%DSJQk_rB}tefQAbckJGG&EEH#PH$(=4tD$-%ATqc71%dU)RTHzOJ8n=JxE+xjnPz_ROB! zZcXY^0$`GmH=^{Ba(Z!v7pFiK?*~QXfTsuU$vZoA^2YY$o!OJutxjG^y{fIR$yIR~ ze49``p`n_-Jq6R)E11Tf=^Gz9ePet2#@nY)i5$tcOH3KO7ZnW4a#3Ib(>PHRs6b|h%a5F$5o~Em1rutUpjW||Av4oinhmnDC=Fz&Wf<@J^ z?76Z>-jzM_=u@LZ^{J7qPmOGSs>&KTRa%p%#x4^SixE&|-o=V}gWx^N0o_oBmekh| zw=y(3R2drC%FxJChPr1Bcc0;&yU)Y9-- zWq_=|CaOsm2TEcUX6xu1C35fDap<_m!4S9FUQzxrkid=4 zY#Dk?>fxa#_0Tq{hn7j*9n|f^(arEUIV)rgTJam^I z+PnPF+T}ZEbuFF}AwH$YXNi_ml$$jdaza>XSDUQK1_*~o{7ZsbFIBOh8Dd8e+a+(^rK1D?HpF7`JWg3e9nQ%k2-s#cLO`OxtT+KO$3~9B zew#w?%pMTr@cx4ZaIS_1~Y6SWmxlJBYiokOBx^5Ey?C6PQLQ2N!%?RQLB& z0egN=DW}%ifBxX$0XQ=UfI~7zprOC8H`>o3+8cQtqMRaMC!5*tu1=0Cojfx;S@$}4 zI@xTiDLdKU(n+^^%pV-w$x)?~V`nFoMq!vUAdQL4X4)02n=2b}N=YVNq&O8@f*gYV z)S}+VYq)ZHeM4}dTH6o1!^#kpifyOW^IGRB!l-SeZtikP*#WVSWGKb=V6{XLgdf7_CB>)8Ck!9zW$4E37{W=A`fWhE~$OV2IeEv>5zLR*&+afbFQb`PWM7)gP= zjvz*;yXOdXw~dfnhvp9sW`ka3bo$2VbSE`7xRN0yt*23fGm1b4a|U{+0LCyAXA@ii z3EQ22iS*IE7>n+BzxCD~_x(m$ch7@@t~@AkdFbVA$v8?(QgJB3AVafNl2F9Fv*A|w z`GbRJqg$Dco;e%Uv*=5bZGe4ACaj%Yx;vwE zGrpk}*UI#wlKWe&Q(Rk>vnG~gO4vdiqfju%Ym~~Pr0$-_C|&d=6G!Czavp zn8P!!%=Q1Xq6}m?S>qT16<;hnA1#(71~Z7|aT;7PlA(NwW#&LR62tv0n(okR(ey)~ z3VW~yTTx&q<}lR#)!edM!<@?$#TL?{VL5`!1g8kZQ?SYt3g8@Kk4LT_`gGKTRn&@x zdRFa)n+%^8d9V^$(ILmq!7P@Xb{QDE*(y(Tf_*J%2m2X--GSEt?0Y<+{X;#W{jj1j znhImLK`@M^zVXiP>GALSJ^p=ozp?x_kQ1yZ%tDzQ-@wKh!VT zxBZg+&{Wkr6E7J)wdi22sG=10n~~wu2M$*UY%+Sy$nfsuhmuj<$D5Ji+b|E@FMHKV z=`G$Etw8IA6t zqtUfTqic^w-%EyjG`fe5Mknm{Z8|zl=;-+Dy3WCNU8iE#bqu?%Gm!zl9#Y)vrE{=R z)2SFW9mA;EL5h2NItQ!V9b4t@7%KO6O57@M=P;F5`6arx=F%zkUQWxImln6;+BsBl z?bwQIr&L@y86z(lZpF28sN&kO71vIwxNaxItxk3hRVO>uNf|XG!>tE(4%LG?wjR_e z^&n1$&zk6X^q|gRdQicq1Dlq9Gg^Fdxgo4nP`*!&Yvf~lHAeAFMbe8roc3iaj!HbSQ)_37#! z0hlD<=c|`0UXaSW^KTG{N%{>F2L{I*#7+QNF+gVO(x$gdE=e#xSg9G?O3k>c)YN*U zi@S>Z{!6k(V3n>Yii_R}|9!FIWH~}$wV08dkB6^^E@f$asIoM+6_jyBPpWlK^@${& z*z%%kPSFk3u1%vHXKw%a*rV@^57l?Zw!Sm2=sS){lLr;+EUiZF_~>;hM&m;jqp__R zjVp?gpw~@?%L68UKa`AtO~!EBuqoLC)08lAUFd}@1)8d~pz^C+##|a@If)SEtS-W* zWEu6?yn`?qHxoQsG>^M}(d^rW58i|;d+@+HG~0Kc{lWt#GCII=DQ7qp0<%cpVJCjqCNdmDV0*sIaH#i7$}LHblmmOQnwCQ@2Kw2Lm)Bs4^IT2saIecVli^wQv{Z@K zc$FnM;;f@3kxn2buHscRI^Xd5)RM!s5_|Y8oupG`(w}%o#Jw!}N@eKCD(9-F@vD0O z8qJ`*Z1=4?+Ey9n6S(2KKO=g>%u!0#e2`SZVXhcZ9HWSLLe9rt;USZuCpu*8v2n(S z+Bjp|#u-;^ocdrc;2MdIlxspzgjHTawvcxg7f9`|Gn^ou{asuZFLq}!82d?rVZX|p zf;ID1dO=^3RHSEO#E?PNa95@;R*J~w%EatvU<|hy7(QL^AXRS^b_dm&F;%@z5v*ad z={2G(Uqy^>go@d5ie)Ib5g=O*RmsXR*1O(*_qis%>s+!2jxmuB4jdFaYC?i?4ok5` zk(}|q7uSdH&u9y>)`F;T2{}x>5|P*Lgb`Jo{e^3{&j^}cP-bn5XtYTH+R zWQa0g7C4u^-YafmGVp{=C<48`K77I_)lPdR+|CfN%G6DAm;DS5WCPc-4jva}^vI}saSrbO_FXsZj>1l> zb0?ZUF=YGE(R*-RriXklD$s!U;AfO`T^+nXdfzfW@2&s%UjpLu;y~2xEoJ3D#3ry^{*MRU?x>poaoqWm z|M5{iT!zUgU@lo&G9~ZPk-^uPf-J{NnB!z4lR|PKEY!V?;QyBwH!50~FYoZ^NAd=( zQGN>EAa%D@wuMQe3+M(xOCT} z$N!Q(Zd2CRg?!7}1CHJsR^nypC3&yBqToHad-vfEyazWKitua$V7hS{mJ}>dF0R^f zyOKZ5HvluVq#<|;qlMcVr3*aL@)(Yc}@`mMK!nY3_7_e zpCZ1QzZa5GyMDwBlo>-gXTXHN-y$guc~idQNchrgvC2^lMBZY_4T7K&X&8}M3gNtp z-}FpcRA@b-po5P_ItLJNU@Zkr5+%GBQG_U!DM3TxHwAe!#_?5F- zOd_>&>a@*-{hJ0;@WEB=(|MyO>m5V&9l4tHB!PnB$ZuLMA%FuwL*lFy)XF`QP2Izi|Y7 zBQ60_u_iEzC8#$zN%$m5vyu_z9xIqd`Js$%YV|`47nzw>X|2Ya(hJGySHAZdF6s%o zJ21!0w>Vy9av4gA$dzBoY!E!d3>XQIql=3&@D(DdWB60~6wlF3R<_J*4PQ^IqiXcvi zOyZU0C_=HQ&eVi7Rq(M++S9j~ic3@KbW%+`|D`$tx7ua^=xrvBqp+|wrifERIV0-@ zkH8&{f6pnr+aj4loX&GZX@j*0Q=l3fKHaKN@}W`JtQ}~$YHMOCQrhj0QwC)EJ0`WkJDnnX_NqE|OdUvrN9M_jW) z3@-F46{dtC3FImIPrQ}cn-np+Af&b^57;pZP~~>Pai~dv6wg?4t8Wn`?HON<+%BN8y*DZAR7Yri0Yd@L5*G5BepeTJHA@=EM5S+u~;jjC`b#Q$f6)B zDTGRa1~3IEC9Cvv)Bnqvi8>!7L(0SU*NZd+EjM`smTrHT!EtoRg(!VGnon$yg zvM9fYyJVBC%vAyjvsIE@kpxE-bN2b{C1F?6I;)NOg+w7&1cv}J1)>5yH;-%#=<`LC z^AR$S2*hjKQB}dqB4h^Kwa5+A`wvxlY|xnu`;!5jP9d6f#%MB_c4xg=+(W$>jiSM< z*XhFHbTaM?hU0#3(2w95ns!I=^el>}<7hiI0z0QDcjzdu)+o>UHYV&X-a?y(+U6=( zg#fZ*ghnutJt-#kubPGb#zkEm0|kNA15t8_Darmruqi-aLZxl_TO{>zM!ZPmJ z<*&amo^qQnHawC#KfM!d3>kF5E8h|gL{MnTDvo*;9vOQm-f0|CPzGkxCd8^T19fs= z$Ok)m&T^6@DBm%ZTUtBSEn$xu$texsN>MITceZsVB8pf$hGiz7*WiPzl_AR{_+}AOwu1Q z4n-$ulhJBH>PA6%Oe!77{Q zFh-zwjT`Sz3f%ORtHe0gHUd{juXV|(VC!km96OaUle zL-0hfCF=^0~p7_ z`LDm7260X@{+C$Pm*rupI4S4+YTFWFWWppX#%(=q$US@goG)wpWSx^EV<>Im@au2Z zE@`Bg742MG7iS}l~JuGhzz7H~lNDts{{iQe1pv>4o8@J3i~z(gEtZkh^cTz)KgyP_xA+z%DUq9$ zvaes@^q%@vfVSHH+jYS{it zdd@`+;|0<`pQt{%yhJ}ioVw`_!EH@xx)GO|w5&J>7boEMzt6$z+e`5M3Annrx%uVE zIr!$?I}l#0Wb-1%@56_0z-8G$d{DanAt%doT_HXU^<0SGYumeic$+0YJprX_5rm@N zcea@)WD1jTwn`GdI106V%XWcMhI1rh%VnYMa{E-!FjYdR&NODTCJ12)h;E{VlPm;V z9Ox<11!T_BB3Cr3o3F1avYsnlQ&qx3Da*0^wT)QR<}E2`fhEi`PS*1)-a1EAy~>{p zS@ZEc4CA<^(6<;7o)g5PmY|^Z2D63uvjrvH?USOXdht5O`Ij=3-fUT3_1}<{%voGW z9Y(;NM_k+$C~Mw2HCGo&Lf&X!rEuw@w|qrnR=%c0sDOpH8Q%(~+p@;n>}l&wvrX}0 z)i$=?&{nHHU*BnEat2h5(N06NYicTy-ICW$tqD}}^8pu-PMQPkx zQROSKMq0>{Upv2vKWx2NFl!6Fh082KVL~F92nCrheJ%2;ZUe=?8KgykpBtSx($s&r zfiH$rA{{^DlY@Fclbo+Z zXhiGc;Q7R>tkH^tPt>XelWtY%bWVGWh`xT`5w zWlKH8oEs{~0=kZ#M_tp8jhX=Ub0O6zT;(o%DzaTPf}>#y5TqLwo+Z>NzBIra5ohuG z`o#@zx}wO4;o=>5^1U1c9cQ-nP^%1L^B-whfV>A<7ouon3tQ1Ei zf%mYjo9{wX2VFa}60F1YkySjJ40Ln|X@5988}!g*JUpB1B1mig$}B4eaEJbHH+M;a8qg4F+rk!Rd{-j5PV1o> ziJ8D^->87uUlFf#t_HF+d-f)c#OOxXlJ>Y7RJ_7gc5e_yVuCsB^i~H>LCq6Af7tkU~!tsu1g<#+ABa?*Y$v)|bQ{Vrep+udp5kYWUU)A~joa8MKa zbj9rXG_DJHhwgz@dWq7DEk`gGF>em8)XN>u%udxJJ^_c(;(ECk3&sDaaKdCVd4`LC zV<;zv%!(=?x-&WYV}&RydSt8#wySSewI`Q7s&L5$c7~$@_Vbx=baF;$-JODXlfosA z zqZk|;s87U7l0ef{l5l&hUXX|HpB$LDG$n4P>(eSn5B$Twn)(*xYh@HhB>lTi@F48v zJ4=$?g^CBcq5uJ1O%Ozc;rQ&vo$O+}4uzt*&ts{NDTbID1dF_Dr zysXA~s{Z`(>J((_=oFx3#x_rIeyR+~(=sUKw9Ku=_YrxF;HGm4GwosX?N3kDV=@z$ zEOngIvbdPE73#l^^fWsq2dcgaEjO}lYYDTuVsC7Ii2q9nTg3Nx3d{<9mv_9a*$yN+?=l(zOvWb&Y_ks%o&w5ka;Lg=1 z7#b!kF~4`Zi+6rH91BG|dMoQhkg(S(DUeXau8chKjx~9q9qd9`F_X&6Q|V|y-lQ_S zwJ4b9L?t)l#>{_HRuX@lHBi!5Fsh>AlPm}ay3c!E7zBR~%fle&ldlp3m%UgD26^x$ zBQ?~$6it=rz^zZ%@Iqxd{6vIRtD<+u-cPK)(FM$fW6tfVEFxF6Ij50u%bdSjiqQX4K&j8{%) zpFU?-Ef@j8PiRT zeSQgqlSu>*3qU~iN{wipK8BY5n?MK8xsX<9nGu_B_rwpcDazG%Gt;|hS6;EPgMBn{KvSpZ{;KGJu8Y3yEVkBE zok+OyzQxlhN3jfxslNAkp+F_ltdnT{w0j0SQ#d%A3@6bbhEdd=bjPFK zqz8Mm*(~nBDU4z?tzT)c5miJ+G zgr(mFtM~>?7h;E3Q?b#-e>7A%Y%X*=QyR*6LaP%lIMq<~pdHBV5`rIZZ?Dvw`j}o{ zO%<|=KX3DYZi*{zCq~S*e#eECR!$qL>2byL8Ah^_9-nJkI=||fIIQ6cb@T`oAzCN~ zcXDpd#ihSHl{{ZUUyvlG8kWA?rF4-BR98Q$C$hoqlqLio{KG95McT5RW{;lG8 zt2Q?U1N%nk8pRMdVa@{5!*XW&Pk<$Dnwuj!Wx=gaD^eveNel;gqbAt_7~eF^r<( zkWkcs*`kVJy8W(=c>fX2>l{(C%A;C37Li$q2IudBC|d>R!JyOWEQ8ZPda;7@;OrR= zKAZ+Bgw<%-wc8ClKjGlR2h#(naq9S23feN05%t_;lBBAPiYWJ4mi3GF#RgEk3yORQ z`oy(1%&#dbbcl>(t3=8h)xNm-s5VKl2TF_~_#Oc$ZZry4Bop;Gj5I!cXF_R|Z!#u* zacXBhRi(^VNesk&K@obe#uTfI=rG+(NxYHB^(-1E{3;LU3@2(2-IBcX?p+{iC0ylr zjT1CSPiX`b!GXcKSh}ZynNx?)Y&|*8X^`pnh!;6%~Sc?K7KC8 z-8Oxhw^1qrtvc;;nilOoE)jvgmTVI0%MxJglXY=f^s@@;furfYcx0OEM#Fq#Ua-dL zjO0rx+-d_YfgU=_3&yf-qb#5wI^gmy`4*5ViP4qk!nqY8pxenf9L;(!2#mjn2}~oD zi>3ckx6@O=wb=(qpHgJ|;qXMxS>B10t$p)dq`%bzlgi9?TVd>Zp<2M*ahuwEnOYIy zyG$)P(R-8H-vz=*B#1ZkVQz-WqO=9SohnTbYX{e`)cgB8E!QZ`hEP z^T4}I02Y%V?q;iU{t08%#})R`l3M^8r%XHKU>(PvD~4Jbz7I%2 zuw&I|_zf2h^j>GDk}4G)Jy#*F$6UBhm2f>dwPfun zDBzuzGS?vELTmC{ZBK{VZ@+(VKHFl|`$4NzgWgy%j6|_$KIg_l)&R@MF>S**Pie#NwMX<`EcM4?bZT?*eEfgzv4Kq`g6&Y^~0{2{lTU9;|R;FhV zGZD^n7@;eaV{s5n(%4Ms+7V%s+D^kM*RMqreT1AM6iby{fkZ$6`IGz$E_c= z*Z%;MWD2AETk?X;>8tc;3AUvQ3|iQ*SqJlQs= z!(7=VBDXKQf@7C6+o*HYE?(V<)Pbn((C&tvu-EBzJCp7}`?dSy$)rD+z{#{TiAHCW z*(^eXAsj>~Mo~2G58-Sun?{pP7xlaGB#NgI>c*%$jmD!X8q^C%R4J2=?SJLk*Izzg aK3_gxKL49P|9=1g0RR7972Bo&5Cj0MKZ}t7 literal 0 HcmV?d00001 diff --git a/stable/nextcloud/10.0.10/helm-values.md b/stable/nextcloud/10.0.10/helm-values.md new file mode 100644 index 00000000000..a01f302650b --- /dev/null +++ b/stable/nextcloud/10.0.10/helm-values.md @@ -0,0 +1,62 @@ +# Default Helm-Values + +TrueCharts is primarily build to supply TrueNAS SCALE Apps. +However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file. + +Most of our Apps also consume our "common" Helm Chart. +If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart. +You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document. + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| cronjob.annotations | object | `{}` | | +| cronjob.failedJobsHistoryLimit | int | `5` | | +| cronjob.schedule | string | `"*/5 * * * *"` | | +| cronjob.successfulJobsHistoryLimit | int | `2` | | +| env.NEXTCLOUD_ADMIN_PASSWORD | string | `"adminpass"` | | +| env.NEXTCLOUD_ADMIN_USER | string | `"admin"` | | +| env.TRUSTED_PROXIES | string | `"172.16.0.0/16"` | | +| envFrom[0].configMapRef.name | string | `"nextcloudconfig"` | | +| envTpl.POSTGRES_DB | string | `"{{ .Values.postgresql.postgresqlDatabase }}"` | | +| envTpl.POSTGRES_USER | string | `"{{ .Values.postgresql.postgresqlUsername }}"` | | +| envValueFrom.POSTGRES_HOST.secretKeyRef.key | string | `"plainporthost"` | | +| envValueFrom.POSTGRES_HOST.secretKeyRef.name | string | `"dbcreds"` | | +| envValueFrom.POSTGRES_PASSWORD.secretKeyRef.key | string | `"postgresql-password"` | | +| envValueFrom.POSTGRES_PASSWORD.secretKeyRef.name | string | `"dbcreds"` | | +| envValueFrom.REDIS_HOST.secretKeyRef.key | string | `"plainhost"` | | +| envValueFrom.REDIS_HOST.secretKeyRef.name | string | `"rediscreds"` | | +| envValueFrom.REDIS_HOST_PASSWORD.secretKeyRef.key | string | `"redis-password"` | | +| envValueFrom.REDIS_HOST_PASSWORD.secretKeyRef.name | string | `"rediscreds"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"tccr.io/truecharts/nextcloud"` | | +| image.tag | string | `"v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e"` | | +| persistence.data.enabled | bool | `true` | | +| persistence.data.mountPath | string | `"/var/www/html"` | | +| podSecurityContext.fsGroup | int | `33` | | +| podSecurityContext.runAsGroup | int | `0` | | +| podSecurityContext.runAsUser | int | `0` | | +| postgresql.enabled | bool | `true` | | +| postgresql.existingSecret | string | `"dbcreds"` | | +| postgresql.postgresqlDatabase | string | `"nextcloud"` | | +| postgresql.postgresqlUsername | string | `"nextcloud"` | | +| probes | object | See below | Probe configuration -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | +| probes.liveness | object | See below | Liveness probe configuration | +| probes.liveness.spec | object | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used | +| probes.readiness | object | See below | Redainess probe configuration | +| probes.readiness.spec | object | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used | +| probes.startup | object | See below | Startup probe configuration | +| probes.startup.spec | object | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used | +| redis.enabled | bool | `true` | | +| redis.existingSecret | string | `"rediscreds"` | | +| securityContext.readOnlyRootFilesystem | bool | `false` | | +| securityContext.runAsNonRoot | bool | `false` | | +| service.hpb.enabled | bool | `true` | | +| service.hpb.ports.hpb.enabled | bool | `true` | | +| service.hpb.ports.hpb.port | int | `7867` | | +| service.hpb.ports.hpb.targetPort | int | `7867` | | +| service.main.ports.main.port | int | `10020` | | +| service.main.ports.main.targetPort | int | `80` | | + +All Rights Reserved - The TrueCharts Project diff --git a/stable/nextcloud/10.0.10/ix_values.yaml b/stable/nextcloud/10.0.10/ix_values.yaml new file mode 100644 index 00000000000..98e912c4895 --- /dev/null +++ b/stable/nextcloud/10.0.10/ix_values.yaml @@ -0,0 +1,133 @@ +image: + repository: tccr.io/truecharts/nextcloud + pullPolicy: IfNotPresent + tag: v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e + +securityContext: + readOnlyRootFilesystem: false + runAsNonRoot: false + +podSecurityContext: + runAsUser: 0 + runAsGroup: 0 + fsGroup: 33 + +service: + main: + ports: + main: + port: 10020 + targetPort: 80 + hpb: + enabled: true + ports: + hpb: + enabled: true + port: 7867 + targetPort: 7867 + +env: + NEXTCLOUD_ADMIN_USER: "admin" + NEXTCLOUD_ADMIN_PASSWORD: "adminpass" + TRUSTED_PROXIES: "172.16.0.0/16" + +envTpl: + POSTGRES_DB: "{{ .Values.postgresql.postgresqlDatabase }}" + POSTGRES_USER: "{{ .Values.postgresql.postgresqlUsername }}" + +envFrom: + - configMapRef: + name: nextcloudconfig + +envValueFrom: + POSTGRES_PASSWORD: + secretKeyRef: + name: dbcreds + key: postgresql-password + POSTGRES_HOST: + secretKeyRef: + name: dbcreds + key: plainporthost + REDIS_HOST: + secretKeyRef: + name: rediscreds + key: plainhost + REDIS_HOST_PASSWORD: + secretKeyRef: + name: rediscreds + key: redis-password + +persistence: + data: + enabled: true + mountPath: "/var/www/html" +# -- Probe configuration +# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) +# @default -- See below +probes: + # -- Liveness probe configuration + # @default -- See below + liveness: + custom: true + # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used + # @default -- "/" + spec: + httpGet: + path: /status.php + port: 80 + httpHeaders: + - name: Host + value: "test.fakedomain.dns" + + # -- Redainess probe configuration + # @default -- See below + readiness: + custom: true + # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used + # @default -- "/" + spec: + httpGet: + path: /status.php + port: 80 + httpHeaders: + - name: Host + value: "test.fakedomain.dns" + + # -- Startup probe configuration + # @default -- See below + startup: + custom: true + # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used + # @default -- "/" + spec: + httpGet: + path: /status.php + port: 80 + httpHeaders: + - name: Host + value: "test.fakedomain.dns" + +## Cronjob to execute Nextcloud background tasks +## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#webcron +## +cronjob: + # Every 5 minutes + # Note: Setting this to any any other value than 5 minutes might + # cause issues with how nextcloud background jobs are executed + schedule: "*/5 * * * *" + annotations: {} + failedJobsHistoryLimit: 5 + successfulJobsHistoryLimit: 2 + +# Enabled postgres +postgresql: + enabled: true + existingSecret: "dbcreds" + postgresqlUsername: nextcloud + postgresqlDatabase: nextcloud + +# Enabled redis +# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis +redis: + enabled: true + existingSecret: "rediscreds" diff --git a/stable/nextcloud/10.0.10/questions.yaml b/stable/nextcloud/10.0.10/questions.yaml new file mode 100644 index 00000000000..4c90bb192be --- /dev/null +++ b/stable/nextcloud/10.0.10/questions.yaml @@ -0,0 +1,1871 @@ +groups: + - name: "Container Image" + description: "Image to be used for container" + - name: "Controller" + description: "Configure workload deployment" + - name: "Container Configuration" + description: "additional container configuration" + - name: "App Configuration" + description: "App specific config options" + - name: "Networking and Services" + description: "Configure Network and Services for container" + - name: "Storage and Persistence" + description: "Persist and share data that is separate from the container" + - name: "Ingress" + description: "Ingress Configuration" + - name: "Security and Permissions" + description: "Configure security context and permissions" + - name: "Resources and Devices" + description: "Specify resources/devices to be allocated to workload" + - name: "Middlewares" + description: "Traefik Middlewares" + - name: "Metrics" + description: "Metrics" + - name: "Addons" + description: "Addon Configuration" + - name: "Advanced" + description: "Advanced Configuration" +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true + - variable: global + label: "global settings" + group: "Controller" + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: "flag this is SCALE" + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: "Controller" + label: "" + schema: + type: dict + attrs: + - variable: advanced + label: "Show Advanced Controller Settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: "Please specify type of workload to deploy" + label: "(Advanced) Controller Type" + schema: + type: string + default: "deployment" + required: true + enum: + - value: "deployment" + description: "Deployment" + - value: "statefulset" + description: "Statefulset" + - value: "daemonset" + description: "Daemonset" + - variable: replicas + description: "Number of desired pod replicas" + label: "Desired Replicas" + schema: + type: int + default: 1 + required: true + - variable: strategy + description: "Please specify type of workload to deploy" + label: "(Advanced) Update Strategy" + schema: + type: string + default: "Recreate" + required: true + enum: + - value: "Recreate" + description: "Recreate: Kill existing pods before creating new ones" + - value: "RollingUpdate" + description: "RollingUpdate: Create new pods and then kill old ones" + - value: "OnDelete" + description: "(Legacy) OnDelete: ignore .spec.template changes" + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: "Extra Args" + schema: + type: list + default: [] + items: + - variable: argItem + label: "Arg" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: labelsList + label: "Controller Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: " Controller Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: env + group: "Container Configuration" + label: "Image Environment" + schema: + type: dict + attrs: + - variable: TZ + label: "Timezone" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: UMASK + label: "UMASK" + description: "Sets the UMASK env var for LinuxServer.io (compatible) containers" + schema: + type: string + default: "002" + + - variable: NEXTCLOUD_ADMIN_USER + label: "NEXTCLOUD_ADMIN_USER (First Install Only)" + description: "Sets the initial nextcloud's admin username, changing this variable after first launch will NOT change admin's username" + schema: + type: string + required: true + default: "" + - variable: NEXTCLOUD_ADMIN_PASSWORD + label: "NEXTCLOUD_ADMIN_PASSWORD (First Install Only)" + description: "Sets the initial nextcloud's admin password, changing this variable after first launch will NOT change admin's password" + schema: + type: string + private: true + required: true + default: "" + - variable: TRUSTED_PROXIES + label: "Trusted Proxies (Advanced)" + description: "Sets nextcloud Trusted Proxies" + schema: + type: string + default: "172.16.0.0/16" + - variable: NODE_IP + label: "NODE_IP" + description: "Sets nextcloud nodeip for nodeport connections (Ensure this is correct at first install!)" + schema: + type: string + $ref: + - "definitions/nodeIP" + + - variable: envList + label: "Image environment" + group: "Container Configuration" + schema: + type: list + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: expertpodconf + group: "Container Configuration" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: termination + group: "Container Configuration" + label: "Termination settings" + schema: + type: dict + attrs: + - variable: gracePeriodSeconds + label: "Grace Period Seconds" + schema: + type: int + default: 10 + - variable: podLabelsList + group: "Container Configuration" + label: "Pod Labels" + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: podAnnotationsList + group: "Container Configuration" + label: "Pod Annotations" + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: service + group: "Networking and Services" + label: "Configure Service(s)" + schema: + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "ClusterIP" + description: "ClusterIP" + - value: "NodePort" + description: "NodePort (Advanced)" + - value: "LoadBalancer" + description: "LoadBalancer (Advanced)" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10020 + editable: true + required: true + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 80 + + - variable: serviceexpert + group: "Networking and Services" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: "Networking and Services" + label: "Host-Networking (Complicated)" + schema: + type: boolean + default: false + + - variable: dnsPolicy + group: "Networking and Services" + label: "dnsPolicy" + schema: + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "ClusterFirst" + description: "ClusterFirst" + - value: "ClusterFirstWithHostNet" + description: "ClusterFirstWithHostNet" + - value: "None" + description: "None" + + - variable: dnsConfig + label: "DNS Configuration" + group: "Networking and Services" + description: "Specify custom DNS configuration which will be applied to the pod" + schema: + type: dict + attrs: + - variable: nameservers + label: "Nameservers" + schema: + default: [] + type: list + items: + - variable: nameserver + label: "Nameserver" + schema: + type: string + - variable: options + label: "options" + schema: + default: [] + type: list + items: + - variable: option + label: "Option Entry" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: searches + label: "Searches" + schema: + default: [] + type: list + items: + - variable: search + label: "Search Entry" + schema: + type: string + + - variable: serviceList + label: "Add Manual Custom Services" + group: "Networking and Services" + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: "Custom Service" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: portsList + label: "Additional Service Ports" + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: "Custom ports" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Port Name" + schema: + type: string + default: "" + - variable: protocol + label: "Port Type" + schema: + type: string + default: "TCP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: targetPort + label: "Target Port" + description: "This port exposes the container port on the service" + schema: + type: int + required: true + - variable: port + label: "Container Port" + schema: + type: int + required: true + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort" + schema: + type: int + min: 9000 + max: 65535 + + - variable: persistence + label: "Integrated Persistent Storage" + description: "Integrated Persistent Storage" + group: "Storage and Persistence" + schema: + type: dict + attrs: + - variable: data + label: "App Data Storage" + description: "Stores the Application Data." + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Type of Storage" + description: "Sets the persistence type, Anything other than PVC could break rollback!" + schema: + type: string + default: "simplePVC" + enum: + - value: "simplePVC" + description: "PVC (simple)" + - value: "simpleHP" + description: "HostPath (simple)" + - value: "emptyDir" + description: "emptyDir" + - value: "pvc" + description: "pvc" + - value: "hostPath" + description: "hostPath" + - variable: setPermissionsSimple + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: true + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPathSimple + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "/var/www/html" + hidden: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: size + label: "Size quotum of storage" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "999Gi" + - variable: hostPathType + label: "(Advanced) hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: storageClass + label: "(Advanced) storageClass" + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: accessMode + label: "(Advanced) Access Mode" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: advanced + label: "Show Advanced Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: persistenceList + label: "Additional app storage" + group: "Storage and Persistence" + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: "Custom Storage" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name (optional)" + description: "Not required, please set to config when mounting /config or temp when mounting /tmp" + schema: + type: string + - variable: type + label: "Type of Storage" + description: "Sets the persistence type, Anything other than PVC could break rollback!" + schema: + type: string + default: "simpleHP" + enum: + - value: "simplePVC" + description: "PVC (simple)" + - value: "simpleHP" + description: "HostPath (simple)" + - value: "emptyDir" + description: "emptyDir" + - value: "pvc" + description: "pvc" + - value: "hostPath" + description: "hostPath" + - variable: setPermissionsSimple + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: true + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPathSimple + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: size + label: "Size quotum of storage" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "999Gi" + - variable: hostPathType + label: "(Advanced) hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: storageClass + label: "(Advanced) storageClass" + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: accessMode + label: "(Advanced) Access Mode" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: advanced + label: "Show Advanced Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingress + label: "" + group: "Ingress" + schema: + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + + - variable: entrypoint + label: "(Advanced) Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: "These middlewares enforce a number of best practices." + label: "Enable Default Middlewares" + schema: + type: boolean + default: true + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingressList + label: "Add Manual Custom Ingresses" + group: "Ingress" + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: "Custom Ingress" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + - variable: service + label: "Linked Service" + schema: + type: dict + attrs: + - variable: name + label: "Service Name" + schema: + type: string + default: "" + - variable: port + label: "Service Port" + schema: + type: int + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: "Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: advancedSecurity + label: "Show Advanced Security Settings" + group: "Security and Permissions" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: "Security Context" + schema: + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: false + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: false + + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 0 + - variable: runAsGroup + label: "runAsGroup" + description: The groupID this App of the user running the application" + schema: + type: int + default: 0 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 33 + - variable: supplementalGroups + label: "supplemental Groups" + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: "supplemental Group" + schema: + type: int + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: "OnRootMismatch" + enum: + - value: "OnRootMismatch" + description: "OnRootMismatch" + - value: "Always" + description: "Always" + + + - variable: advancedresources + label: "Set Custom Resource Limits/Requests (Advanced)" + group: "Resources and Devices" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: resources + label: "" + schema: + type: dict + attrs: + - variable: limits + label: "Advanced Limit Resource Consumption" + schema: + type: dict + attrs: + - variable: cpu + label: "CPU" + schema: + type: string + default: "4000m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "Memory RAM" + schema: + type: string + default: "8Gi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Advanced Request minimum resources required" + schema: + type: dict + attrs: + - variable: cpu + label: "CPU" + schema: + type: string + default: "10m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "Memory RAM" + schema: + type: string + default: "50Mi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + + - variable: deviceList + label: "Mount USB devices" + group: "Resources and Devices" + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: "Device" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + - variable: type + label: "(Advanced) Type of Storage" + description: "Sets the persistence type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPath + label: "Host Device Path" + description: "Path to the device on the host system" + schema: + type: path + - variable: mountPath + label: "Container Device Path" + description: "Path inside the container the device is mounted" + schema: + type: string + default: "/dev/ttyACM0" + + # Specify GPU configuration + - variable: scaleGPU + label: "GPU Configuration" + group: "Resources and Devices" + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + + - variable: autoscaling + group: "Advanced" + label: "(Advanced) Horizontal Pod Autoscaler" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: target + label: "Target" + description: "deployment name, defaults to main deployment" + schema: + type: string + default: "" + - variable: minReplicas + label: "Minimum Replicas" + schema: + type: int + default: 1 + - variable: maxReplicas + label: "Maximum Replicas" + schema: + type: int + default: 5 + - variable: targetCPUUtilizationPercentage + label: "Target CPU Utilization Percentage" + schema: + type: int + default: 80 + - variable: targetMemoryUtilizationPercentage + label: "Target Memory Utilization Percentage" + schema: + type: int + default: 80 + + + - variable: addons + group: "Addons" + label: "" + schema: + type: dict + attrs: + - variable: vpn + label: "VPN" + schema: + type: dict + attrs: + - variable: type + label: "Type" + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: "disabled" + - value: "openvpn" + description: "OpenVPN" + - value: "wireguard" + description: "Wireguard" + - variable: openvpn + label: "OpenVPN Settings" + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: "authentication username" + description: "authentication username, optional" + schema: + type: string + default: "" + - variable: password + label: "authentication password" + description: "authentication credentials" + schema: + type: string + default: "" + required: true + - variable: killSwitch + label: "Enable killswitch" + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: "Killswitch Excluded IPv4 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: "IPv4 Network" + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: "Killswitch Excluded IPv6 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: "IPv6 Network" + schema: + type: string + required: true + + - variable: configFile + label: "VPN Config File Location" + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: hostPathType + label: "hostPathType" + schema: + type: string + default: "File" + hidden: true + - variable: noMount + label: "noMount" + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: "Full path to file" + description: "path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + required: true + - variable: envList + label: "VPN environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + - variable: codeserver + label: "Codeserver" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: "Git Settings" + schema: + type: dict + attrs: + - variable: deployKey + description: "Raw SSH private key" + label: "deployKey" + schema: + type: string + - variable: deployKeyBase64 + description: "Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence" + label: "deployKeyBase64" + schema: + type: string + - variable: service + label: "" + schema: + type: dict + attrs: + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "NodePort" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "" + schema: + type: dict + attrs: + - variable: codeserver + label: "" + schema: + type: dict + attrs: + - variable: nodePort + description: "leave empty to disable" + label: "nodePort" + schema: + type: int + default: 36107 + - variable: envList + label: "Codeserver environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + - variable: promtail + label: "Promtail" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: loki + label: "Loki URL" + schema: + type: string + required: true + - variable: logs + label: "Log Paths" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: path + label: "Path" + schema: + type: string + required: true + - variable: args + label: "Promtail ecommand line arguments" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: "Arg" + schema: + type: string + required: true + - variable: envList + label: "Promtail environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + + + - variable: netshoot + label: "Netshoot" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: "Netshoot environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true diff --git a/stable/nextcloud/10.0.10/sec-scan.md b/stable/nextcloud/10.0.10/sec-scan.md new file mode 100644 index 00000000000..b105d96f752 --- /dev/null +++ b/stable/nextcloud/10.0.10/sec-scan.md @@ -0,0 +1,7406 @@ +# Security Scan + +## Helm-Chart + +##### Scan Results + +``` +2021-12-03T20:42:27.633Z INFO Need to update the built-in policies +2021-12-03T20:42:27.633Z INFO Downloading the built-in policies... +2021-12-03T20:42:28.661Z INFO Detected config files: 3 + +nextcloud/charts/postgresql/templates/common.yaml (kubernetes) +============================================================== +Tests: 41 (SUCCESSES: 28, FAILURES: 13, EXCEPTIONS: 0) +Failures: 13 (UNKNOWN: 0, LOW: 6, MEDIUM: 7, HIGH: 0, CRITICAL: 0) + ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ +| TYPE | MISCONF ID | CHECK | SEVERITY | MESSAGE | ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ +| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | Container 'RELEASE-NAME-postgresql' of | +| | | | | StatefulSet 'RELEASE-NAME-postgresql' | +| | | | | should add 'ALL' to | +| | | | | 'securityContext.capabilities.drop' | +| | | | | -->avd.aquasec.com/appshield/ksv003 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV012 | Runs as root user | MEDIUM | Container 'autopermissions' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-postgresql' should set | +| | | | | 'securityContext.runAsNonRoot' to true | +| | | | | -->avd.aquasec.com/appshield/ksv012 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV013 | Image tag ':latest' used | LOW | Container 'RELEASE-NAME-postgresql' of | +| | | | | StatefulSet 'RELEASE-NAME-postgresql' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | StatefulSet 'RELEASE-NAME-postgresql' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV014 | Root file system is not read-only | | Container 'RELEASE-NAME-postgresql' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-postgresql' should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-postgresql' should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV019 | Seccomp policies disabled | MEDIUM | Container 'RELEASE-NAME-postgresql' of | +| | | | | StatefulSet 'RELEASE-NAME-postgresql' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | StatefulSet 'RELEASE-NAME-postgresql' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV020 | Runs with low user ID | | Container 'RELEASE-NAME-postgresql' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-postgresql' should set | +| | | | | 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-postgresql' should set | +| | | | | 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV021 | Runs with low group ID | | Container 'RELEASE-NAME-postgresql' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-postgresql' should set | +| | | | | 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-postgresql' should set | +| | | | | 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV029 | A root primary or supplementary GID set | LOW | StatefulSet 'RELEASE-NAME-postgresql' should | +| | | | | set 'spec.securityContext.runAsGroup', | +| | | | | 'spec.securityContext.supplementalGroups[*]' | +| | | | | and 'spec.securityContext.fsGroup' | +| | | | | to integer greater than 0 | +| | | | | -->avd.aquasec.com/appshield/ksv029 | ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ + +nextcloud/charts/redis/templates/common.yaml (kubernetes) +========================================================= +Tests: 41 (SUCCESSES: 28, FAILURES: 13, EXCEPTIONS: 0) +Failures: 13 (UNKNOWN: 0, LOW: 6, MEDIUM: 7, HIGH: 0, CRITICAL: 0) + ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ +| TYPE | MISCONF ID | CHECK | SEVERITY | MESSAGE | ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ +| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | Container 'RELEASE-NAME-redis' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' | +| | | | | should add 'ALL' to | +| | | | | 'securityContext.capabilities.drop' | +| | | | | -->avd.aquasec.com/appshield/ksv003 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV012 | Runs as root user | MEDIUM | Container 'autopermissions' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' should | +| | | | | set 'securityContext.runAsNonRoot' to | +| | | | | true -->avd.aquasec.com/appshield/ksv012 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV013 | Image tag ':latest' used | LOW | Container 'RELEASE-NAME-redis' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV014 | Root file system is not read-only | | Container 'RELEASE-NAME-redis' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-redis' should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of StatefulSet | +| | | | | 'RELEASE-NAME-redis' should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV019 | Seccomp policies disabled | MEDIUM | Container 'RELEASE-NAME-redis' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV020 | Runs with low user ID | | Container 'RELEASE-NAME-redis' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' should | +| | | | | set 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' should | +| | | | | set 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV021 | Runs with low group ID | | Container 'RELEASE-NAME-redis' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' should | +| | | | | set 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | StatefulSet 'RELEASE-NAME-redis' should | +| | | | | set 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV029 | A root primary or supplementary GID set | LOW | StatefulSet 'RELEASE-NAME-redis' should | +| | | | | set 'spec.securityContext.runAsGroup', | +| | | | | 'spec.securityContext.supplementalGroups[*]' | +| | | | | and 'spec.securityContext.fsGroup' | +| | | | | to integer greater than 0 | +| | | | | -->avd.aquasec.com/appshield/ksv029 | ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ + +nextcloud/templates/common.yaml (kubernetes) +============================================ +Tests: 57 (SUCCESSES: 28, FAILURES: 29, EXCEPTIONS: 0) +Failures: 29 (UNKNOWN: 0, LOW: 11, MEDIUM: 18, HIGH: 0, CRITICAL: 0) + ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ +| TYPE | MISCONF ID | CHECK | SEVERITY | MESSAGE | ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ +| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' | +| | | | | should set | +| | | | | 'securityContext.allowPrivilegeEscalation' | +| | | | | to false | +| | | | | -->avd.aquasec.com/appshield/ksv001 | ++ + + + +----------------------------------------------+ +| | | | | Container 'postgresql-init' of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.allowPrivilegeEscalation' | +| | | | | to false | +| | | | | -->avd.aquasec.com/appshield/ksv001 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV003 | Default capabilities not dropped | LOW | Container 'RELEASE-NAME-nextcloud' of | +| | | | | Deployment 'RELEASE-NAME-nextcloud' | +| | | | | should add 'ALL' to | +| | | | | 'securityContext.capabilities.drop' | +| | | | | -->avd.aquasec.com/appshield/ksv003 | ++ + + + +----------------------------------------------+ +| | | | | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' | +| | | | | should add 'ALL' to | +| | | | | 'securityContext.capabilities.drop' | +| | | | | -->avd.aquasec.com/appshield/ksv003 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV012 | Runs as root user | MEDIUM | Container 'RELEASE-NAME-nextcloud' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsNonRoot' to true | +| | | | | -->avd.aquasec.com/appshield/ksv012 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsNonRoot' to true | +| | | | | -->avd.aquasec.com/appshield/ksv012 | ++ + + + +----------------------------------------------+ +| | | | | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' should | +| | | | | set 'securityContext.runAsNonRoot' to | +| | | | | true -->avd.aquasec.com/appshield/ksv012 | ++ + + + +----------------------------------------------+ +| | | | | Container 'postgresql-init' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsNonRoot' to true | +| | | | | -->avd.aquasec.com/appshield/ksv012 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV013 | Image tag ':latest' used | LOW | Container 'RELEASE-NAME-nextcloud' of | +| | | | | Deployment 'RELEASE-NAME-nextcloud' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | Deployment 'RELEASE-NAME-nextcloud' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ + + + +----------------------------------------------+ +| | | | | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ + + + +----------------------------------------------+ +| | | | | Container 'postgresql-init' of | +| | | | | Deployment 'RELEASE-NAME-nextcloud' | +| | | | | should specify an image tag | +| | | | | -->avd.aquasec.com/appshield/ksv013 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV014 | Root file system is not read-only | | Container 'RELEASE-NAME-nextcloud' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ + + + +----------------------------------------------+ +| | | | | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' | +| | | | | should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ + + + +----------------------------------------------+ +| | | | | Container 'postgresql-init' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.readOnlyRootFilesystem' | +| | | | | to true | +| | | | | -->avd.aquasec.com/appshield/ksv014 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV019 | Seccomp policies disabled | MEDIUM | Container 'RELEASE-NAME-nextcloud' of | +| | | | | Deployment 'RELEASE-NAME-nextcloud' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' of | +| | | | | Deployment 'RELEASE-NAME-nextcloud' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ + + + +----------------------------------------------+ +| | | | | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ + + + +----------------------------------------------+ +| | | | | Container 'postgresql-init' of | +| | | | | Deployment 'RELEASE-NAME-nextcloud' | +| | | | | should specify a seccomp profile | +| | | | | -->avd.aquasec.com/appshield/ksv019 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV020 | Runs with low user ID | | Container 'RELEASE-NAME-nextcloud' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ + + + +----------------------------------------------+ +| | | | | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' should | +| | | | | set 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ + + + +----------------------------------------------+ +| | | | | Container 'postgresql-init' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsUser' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv020 | ++ +------------+-----------------------------------------+ +----------------------------------------------+ +| | KSV021 | Runs with low group ID | | Container 'RELEASE-NAME-nextcloud' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ + + + +----------------------------------------------+ +| | | | | Container 'autopermissions' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ + + + +----------------------------------------------+ +| | | | | Container 'nextcloud' of CronJob | +| | | | | 'RELEASE-NAME-nextcloud-cronjob' should | +| | | | | set 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ + + + +----------------------------------------------+ +| | | | | Container 'postgresql-init' | +| | | | | of Deployment | +| | | | | 'RELEASE-NAME-nextcloud' should set | +| | | | | 'securityContext.runAsGroup' > 10000 | +| | | | | -->avd.aquasec.com/appshield/ksv021 | ++ +------------+-----------------------------------------+----------+----------------------------------------------+ +| | KSV029 | A root primary or supplementary GID set | LOW | Deployment 'RELEASE-NAME-nextcloud' should | +| | | | | set 'spec.securityContext.runAsGroup', | +| | | | | 'spec.securityContext.supplementalGroups[*]' | +| | | | | and 'spec.securityContext.fsGroup' | +| | | | | to integer greater than 0 | +| | | | | -->avd.aquasec.com/appshield/ksv029 | ++---------------------------+------------+-----------------------------------------+----------+----------------------------------------------+ +``` + +## Containers + +##### Detected Containers + + ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c + bitnami/postgresql:14.1.0@sha256:bdfeb12b5f8ae8dedfc2f7cb18a0ba48959c4dacc19176292a2fffd0abacdebe + tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e + tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e + ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c + bitnami/redis:6.2.6@sha256:61237e1fb2fbc54ad58141057591538d9563d992ba09cf789766a314e9433c07 + ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c + bitnami/postgresql:14.1.0@sha256:bdfeb12b5f8ae8dedfc2f7cb18a0ba48959c4dacc19176292a2fffd0abacdebe + +##### Scan Results + +**Container: ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c** + +``` +2021-12-03T20:42:28.758Z INFO Need to update DB +2021-12-03T20:42:28.758Z INFO Downloading DB... +2021-12-03T20:42:31.243Z INFO Detected OS: alpine +2021-12-03T20:42:31.243Z INFO Detecting Alpine vulnerabilities... +2021-12-03T20:42:31.244Z INFO Number of language-specific files: 0 + +ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) +========================================================================================================================= +Total: 22 (UNKNOWN: 0, LOW: 0, MEDIUM: 4, HIGH: 18, CRITICAL: 0) + ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+---------------------------------------+ +| | CVE-2021-42374 | MEDIUM | | 1.33.1-r4 | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+---------------------------------------+ +| | CVE-2021-42375 | | | 1.33.1-r5 | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++------------+------------------+----------+ +---------------+---------------------------------------+ +| ssl_client | CVE-2021-42378 | HIGH | | 1.33.1-r6 | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+---------------------------------------+ +| | CVE-2021-42374 | MEDIUM | | 1.33.1-r4 | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+---------------------------------------+ +| | CVE-2021-42375 | | | 1.33.1-r5 | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +``` + +**Container: bitnami/postgresql:14.1.0@sha256:bdfeb12b5f8ae8dedfc2f7cb18a0ba48959c4dacc19176292a2fffd0abacdebe** + +``` +2021-12-03T20:42:34.038Z INFO Detected OS: debian +2021-12-03T20:42:34.038Z INFO Detecting Debian vulnerabilities... +2021-12-03T20:42:34.056Z INFO Number of language-specific files: 2 +2021-12-03T20:42:34.056Z INFO Detecting gobinary vulnerabilities... +2021-12-03T20:42:34.056Z INFO Detecting jar vulnerabilities... + +bitnami/postgresql:14.1.0@sha256:bdfeb12b5f8ae8dedfc2f7cb18a0ba48959c4dacc19176292a2fffd0abacdebe (debian 10.11) +================================================================================================================ +Total: 190 (UNKNOWN: 0, LOW: 130, MEDIUM: 21, HIGH: 31, CRITICAL: 8) + ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| bash | CVE-2019-18276 | | 5.0-4 | | bash: when effective UID is not | +| | | | | | equal to its real UID the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| bsdutils | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged | +| | | | | | session can escape to the | +| | | | | | parent session in chroot | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-18018 | | | | coreutils: race condition | +| | | | | | vulnerability in chown and chgrp | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| curl | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| fdisk | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification | +| | | | | | Forgeries with SHA-1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libapt-pkg5.0 | CVE-2011-3374 | | 1.8.2.3 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libblkid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libc-bin | CVE-2021-33574 | CRITICAL | 2.28-10 | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc-l10n | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc6 | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libcurl4 | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libfdisk1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libgcrypt20 | CVE-2021-33560 | | 1.8.4-5+deb10u1 | | libgcrypt: mishandles ElGamal | +| | | | | | encryption because it lacks | +| | | | | | exponent blinding to address a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33560 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-13627 | MEDIUM | | | libgcrypt: ECDSA timing attack | +| | | | | | allowing private key leak | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation | +| | | | | | doesn't have semantic security due | +| | | | | | to incorrectly encoded plaintexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgmp10 | CVE-2021-43618 | HIGH | 2:6.1.2+dfsg-4 | | gmp: Integer overflow and resultant | +| | | | | | buffer overflow via crafted input | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43618 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgnutls30 | CVE-2011-3389 | LOW | 3.6.7-4+deb10u7 | | HTTPS: block-wise chosen-plaintext | +| | | | | | attack against SSL/TLS (BEAST) | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libgssapi-krb5-2 | CVE-2004-0971 | | 1.17-3+deb10u3 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libidn2-0 | CVE-2019-12290 | HIGH | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 | +| | | | | | fails to perform the roundtrip | +| | | | | | checks specified in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libk5crypto3 | CVE-2004-0971 | LOW | 1.17-3+deb10u3 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5-3 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5support0 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libldap-2.4-2 | CVE-2015-3276 | | 2.4.47+dfsg-3+deb10u6 | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libldap-common | CVE-2015-3276 | | | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| liblz4-1 | CVE-2019-17543 | | 1.8.3-1+deb10u1 | | lz4: heap-based buffer | +| | | | | | overflow in LZ4_write32 | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libmount1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libncurses6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+ + + +---------------+ + +| libncursesw6 | | | | | | +| | | | | | | +| | | | | | | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libnghttp2-14 | CVE-2020-11080 | HIGH | 1.36.0-2+deb10u1 | | nghttp2: overly large SETTINGS | +| | | | | | frames can lead to DoS | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-11080 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libpcre3 | CVE-2020-14155 | MEDIUM | 2:8.39-12 | | pcre: Integer overflow when | +| | | | | | parsing callout numeric arguments | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2017-11164 | LOW | | | pcre: OP_KETRMAX feature in the | +| | | | | | match function in pcre_exec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-16231 | | | | pcre: self-recursive call | +| | | | | | in match() in pcre_exec.c | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20838 | | | | pcre: Buffer over-read in JIT | +| | | | | | when UTF is disabled and \X or... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libseccomp2 | CVE-2019-9893 | | 2.3.3-4 | | libseccomp: incorrect generation | +| | | | | | of syscall filters in libseccomp | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsepol1 | CVE-2021-36084 | | 2.8-1 | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36085 | | | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36086 | | | | libsepol: use-after-free in | +| | | | | | cil_reset_classpermission() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36087 | | | | libsepol: heap-based buffer | +| | | | | | overflow in ebitmap_match_any() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsmartcols1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libsqlite3-0 | CVE-2019-19603 | HIGH | 3.27.2-3+deb10u1 | | sqlite: mishandling of | +| | | | | | certain SELECT statements with | +| | | | | | non-existent VIEW can lead to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19603 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-19645 | MEDIUM | | | sqlite: infinite recursion via | +| | | | | | certain types of self-referential | +| | | | | | views in conjunction with... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19645 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19924 | | | | sqlite: incorrect | +| | | | | | sqlite3WindowRewrite() error | +| | | | | | handling leads to mishandling | +| | | | | | certain parser-tree rewriting | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19924 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13631 | | | | sqlite: Virtual table can be | +| | | | | | renamed into the name of one of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13631 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-19244 | LOW | | | sqlite: allows a crash | +| | | | | | if a sub-select uses both | +| | | | | | DISTINCT and window... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-11656 | | | | sqlite: use-after-free in the | +| | | | | | ALTER TABLE implementation | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-11656 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36690 | | | | ** DISPUTED ** A segmentation | +| | | | | | fault can occur in the | +| | | | | | sqlite3.exe command-line... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36690 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libssh2-1 | CVE-2019-13115 | HIGH | 1.8.0-2.1 | | libssh2: integer overflow in | +| | | | | | kex_method_diffie_hellman_group_exchange_sha256_key_exchange | +| | | | | | in kex.c leads to out-of-bounds write | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-13115 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-17498 | LOW | | | libssh2: integer overflow in | +| | | | | | SSH_MSG_DISCONNECT logic in packet.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-17498 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u8 | | systemd: services with DynamicUser | +| | | | | | can create SUID/SGID binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-3844 | | | | systemd: services with DynamicUser | +| | | | | | can get new privileges and | +| | | | | | create SGID binaries... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20386 | | | | systemd: memory leak in button_open() | +| | | | | | in login/logind-button.c when | +| | | | | | udev events are received... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13776 | | | | systemd: Mishandles numerical | +| | | | | | usernames beginning with decimal | +| | | | | | digits or 0x followed by... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libtasn1-6 | CVE-2018-1000654 | | 4.13-3 | | libtasn1: Infinite loop in | +| | | | | | _asn1_expand_object_id(ptree) | +| | | | | | leads to memory exhaustion | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libtinfo6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libudev1 | CVE-2019-3843 | HIGH | 241-7~deb10u8 | | systemd: services with DynamicUser | +| | | | | | can create SUID/SGID binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-3844 | | | | systemd: services with DynamicUser | +| | | | | | can get new privileges and | +| | | | | | create SGID binaries... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20386 | | | | systemd: memory leak in button_open() | +| | | | | | in login/logind-button.c when | +| | | | | | udev events are received... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13776 | | | | systemd: Mishandles numerical | +| | | | | | usernames beginning with decimal | +| | | | | | digits or 0x followed by... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libuuid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libxml2 | CVE-2017-16932 | HIGH | 2.9.4+dfsg1-7+deb10u2 | | libxml2: Infinite recursion | +| | | | | | in parameter entities | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16932 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2016-9318 | MEDIUM | | | libxml2: XML External | +| | | | | | Entity vulnerability | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9318 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libxslt1.1 | CVE-2015-9019 | LOW | 1.1.32-2.2~deb10u1 | | libxslt: math.random() in | +| | | | | | xslt uses unseeded randomness | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-9019 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| locales | CVE-2021-33574 | CRITICAL | 2.28-10 | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| login | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-7169 | | | | shadow-utils: newgidmap | +| | | | | | allows unprivileged user to | +| | | | | | drop supplementary groups | +| | | | | | potentially allowing privilege... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| mount | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| ncurses-base | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| openssl | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| passwd | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-7169 | | | | shadow-utils: newgidmap | +| | | | | | allows unprivileged user to | +| | | | | | drop supplementary groups | +| | | | | | potentially allowing privilege... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| perl-base | CVE-2020-16156 | MEDIUM | 5.28.1-6+deb10u1 | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | tar: does not properly warn the user | +| | | | | | when extracting setuid or setgid... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9923 | | | | tar: null-pointer dereference | +| | | | | | in pax_decode_header in sparse.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20193 | | | | tar: Memory leak in | +| | | | | | read_header() in list.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| util-linux | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ + +Java (jar) +========== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +opt/bitnami/common/bin/gosu (gobinary) +====================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + +``` + +**Container: tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e** + +``` +2021-12-03T20:42:43.765Z INFO Detected OS: debian +2021-12-03T20:42:43.765Z INFO Detecting Debian vulnerabilities... +2021-12-03T20:42:43.822Z INFO Number of language-specific files: 5 +2021-12-03T20:42:43.823Z INFO Detecting composer vulnerabilities... + +tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e (debian 11.1) +========================================================================================================================== +Total: 449 (UNKNOWN: 0, LOW: 332, MEDIUM: 66, HIGH: 40, CRITICAL: 11) + ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| apache2-bin | CVE-2001-1534 | | | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| apache2-data | CVE-2001-1534 | | | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| apache2-utils | CVE-2001-1534 | | | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| apt | CVE-2011-3374 | | 2.2.4 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| binutils | CVE-2017-13716 | | 2.35.2-2 | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| binutils-common | CVE-2017-13716 | | | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| binutils-x86-64-linux-gnu | CVE-2017-13716 | | | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| busybox-static | CVE-2021-42377 | CRITICAL | 1:1.30.1-6 | | busybox: an attacker-controlled | +| | | | | | pointer free in hush applet | +| | | | | | leads to denial of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42377 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-28831 | HIGH | | | busybox: invalid free or segmentation | +| | | | | | fault via malformed gzip data | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-28831 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42378 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2018-1000500 | LOW | | | busybox: wget: Missing | +| | | | | | SSL certificate validation | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000500 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42373 | | | | busybox: NULL pointer | +| | | | | | dereference in man applet | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42373 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42374 | | | | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42375 | | | | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42376 | | | | busybox: NULL pointer | +| | | | | | dereference in hush applet | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42376 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| coreutils | CVE-2016-2781 | | 8.32-4 | | coreutils: Non-privileged | +| | | | | | session can escape to the | +| | | | | | parent session in chroot | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-18018 | | | | coreutils: race condition | +| | | | | | vulnerability in chown and chgrp | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| curl | CVE-2021-22945 | CRITICAL | 7.74.0-1.3 | | curl: use-after-free and | +| | | | | | double-free in MQTT sending | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22945 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22946 | HIGH | | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| imagemagick-6-common | CVE-2021-20309 | HIGH | 8:6.9.11.60+dfsg-1.3 | | ImagemMagick: Division | +| | | | | | by zero in WaveImage() of | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20309 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20312 | | | | ImageMagick: Integer overflow | +| | | | | | in WriteTHUMBNAILImage | +| | | | | | of coders/thumbnail.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20312 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20313 | | | | ImageMagick: Cipher leak when | +| | | | | | the calculating signatures | +| | | | | | in TransformSignatureof | +| | | | | | MagickCore/signature.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20313 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-20241 | MEDIUM | | | ImageMagick: Division by zero in | +| | | | | | WriteJP2Image() in coders/jp2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20241 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20243 | | | | ImageMagick: Division by | +| | | | | | zero in GetResizeFilterWeight | +| | | | | | in MagickCore/resize.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20243 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20244 | | | | ImageMagick: Division by | +| | | | | | zero in ImplodeImage in | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20245 | | | | ImageMagick: Division by zero | +| | | | | | in WriteAnimatedWEBPImage() | +| | | | | | in coders/webp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20246 | | | | ImageMagick: Division by | +| | | | | | zero in ScaleResampleFilter | +| | | | | | in MagickCore/resample.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-39212 | | | | ImageMagick: possible read | +| | | | | | or write in postscript files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39212 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2005-0406 | LOW | | | A design flaw in image | +| | | | | | processing software that | +| | | | | | modifies JPEG images might... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-0406 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-3134 | | | | GraphicsMagick/ImageMagick: | +| | | | | | multiple crash or DoS issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-3134 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8678 | | | | ImageMagick: Heap-buffer | +| | | | | | overflow in IsPixelMonochrome | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8678 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11754 | | | | ImageMagick: Memory leak | +| | | | | | in WritePICONImage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11754 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11755 | | | | ImageMagick: Memory leak in | +| | | | | | WritePICONImage function via | +| | | | | | mishandled AcquireSemaphoreInfo call | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7275 | | | | ImageMagick: Memory allocation | +| | | | | | failure in AcquireMagickMemory | +| | | | | | (incomplete fix for CVE-2016-8866) | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7275 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-15607 | | | | ImageMagick: CPU Exhaustion | +| | | | | | via crafted input file | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-15607 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20311 | | | | ImageMagick: Division by | +| | | | | | zero in sRGBTransformImage() | +| | | | | | in MagickCore/colorspace.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20311 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-34183 | | | | ImageMagick: memory leak | +| | | | | | in AcquireSemaphoreMemory() | +| | | | | | in semaphore.c and | +| | | | | | AcquireMagickMemory() in memory.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-34183 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libaom0 | CVE-2021-30473 | CRITICAL | 1.0.0.errata1-3 | | aom_image.c in libaom in | +| | | | | | AOMedia before 2021-04-07 | +| | | | | | frees memory that is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-30473 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-30474 | | | | aom_dsp/grain_table.c in | +| | | | | | libaom in AOMedia before | +| | | | | | 2021-03-30 has a use-after-free. | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-30474 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-30475 | | | | aom_dsp/noise_model.c in libaom | +| | | | | | in AOMedia before 2021-03-24 | +| | | | | | has a buffer overflow. | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-30475 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libapt-pkg6.0 | CVE-2011-3374 | LOW | 2.2.4 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libbinutils | CVE-2017-13716 | | 2.35.2-2 | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libc-bin | CVE-2021-33574 | CRITICAL | 2.31-13+deb11u2 | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc-dev-bin | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc6 | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc6-dev | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libctf-nobfd0 | CVE-2017-13716 | | 2.35.2-2 | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libctf0 | CVE-2017-13716 | | | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libcurl4 | CVE-2021-22945 | CRITICAL | 7.74.0-1.3 | | curl: use-after-free and | +| | | | | | double-free in MQTT sending | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22945 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22946 | HIGH | | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libde265-0 | CVE-2020-21598 | HIGH | 1.0.8-1 | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | ff_hevc_put_unweighted_pred_8_sse | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21598 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-21594 | MEDIUM | | | libde265 v1.0.4 contains | +| | | | | | a heap buffer overflow in | +| | | | | | the put_epel_hv_fallback | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21594 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21595 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | mc_luma function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21595 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21596 | | | | libde265 v1.0.4 contains a | +| | | | | | global buffer overflow in the | +| | | | | | decode_CABAC_bit function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21596 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21597 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | mc_chroma function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21597 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21599 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | de265_image::available_zscan | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21599 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21600 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | put_weighted_pred_avg_16_fallback | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21600 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21601 | | | | libde265 v1.0.4 contains a | +| | | | | | stack buffer overflow in the | +| | | | | | put_qpel_fallback function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21601 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21602 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | put_weighted_bipred_16_fallback | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21602 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21603 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | put_qpel_0_0_fallback_16 | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21603 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21604 | | | | libde265 v1.0.4 contains a heap | +| | | | | | buffer overflow fault in the | +| | | | | | _mm_loadl_epi64 function,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21604 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21605 | | | | libde265 v1.0.4 contains | +| | | | | | a segmentation fault in | +| | | | | | the apply_sao_internal | +| | | | | | function, which can... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21605 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21606 | | | | libde265 v1.0.4 contains a heap | +| | | | | | buffer overflow fault in the | +| | | | | | put_epel_16_fallback function,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21606 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libexpat1 | CVE-2013-0340 | LOW | 2.2.10-2 | | expat: internal entity expansion | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-0340 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libgcrypt20 | CVE-2021-33560 | HIGH | 1.8.7-6 | | libgcrypt: mishandles ElGamal | +| | | | | | encryption because it lacks | +| | | | | | exponent blinding to address a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33560 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation | +| | | | | | doesn't have semantic security due | +| | | | | | to incorrectly encoded plaintexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libglib2.0-0 | CVE-2012-0039 | | 2.66.8-1 | | glib2: hash table | +| | | | | | collisions CPU usage DoS | +| | | | | | -->avd.aquasec.com/nvd/cve-2012-0039 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libgmp10 | CVE-2021-43618 | HIGH | 2:6.2.1+dfsg-1 | | gmp: Integer overflow and resultant | +| | | | | | buffer overflow via crafted input | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43618 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libgnutls30 | CVE-2011-3389 | LOW | 3.7.1-5 | | HTTPS: block-wise chosen-plaintext | +| | | | | | attack against SSL/TLS (BEAST) | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libgssapi-krb5-2 | CVE-2004-0971 | | 1.18.3-6+deb11u1 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libheif1 | CVE-2020-23109 | HIGH | 1.11.0-1 | | Buffer overflow vulnerability | +| | | | | | in function convert_colorspace | +| | | | | | in heif_colorconversion.cc | +| | | | | | in libheif v1.6.2, allows... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-23109 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libjansson4 | CVE-2020-36325 | LOW | 2.13.1-1.1 | | jansson: out-of-bounds read in | +| | | | | | json_loads() due to a parsing error | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-36325 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libjbig0 | CVE-2017-9937 | | 2.1-3.1 | | libtiff: memory malloc failure | +| | | | | | in tif_jbig.c could cause DOS. | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-9937 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libk5crypto3 | CVE-2004-0971 | | 1.18.3-6+deb11u1 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5-3 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5support0 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libldap-2.4-2 | CVE-2015-3276 | | 2.4.57+dfsg-3 | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libldap-common | CVE-2015-3276 | | | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| liblua5.3-0 | CVE-2019-6706 | HIGH | 5.3.3-1.1 | | lua: use-after-free in | +| | | | | | lua_upvaluejoin in lapi.c | +| | | | | | resulting in denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-6706 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-24370 | MEDIUM | | | lua: segmentation fault in getlocal | +| | | | | | and setlocal functions in ldebug.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-24370 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43519 | | | | Stack overflow in lua_resume | +| | | | | | of ldo.c in Lua Interpreter | +| | | | | | 5.1.0~5.4.4 allows attackers... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43519 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libmagickcore-6.q16-6 | CVE-2021-20309 | HIGH | 8:6.9.11.60+dfsg-1.3 | | ImagemMagick: Division | +| | | | | | by zero in WaveImage() of | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20309 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20312 | | | | ImageMagick: Integer overflow | +| | | | | | in WriteTHUMBNAILImage | +| | | | | | of coders/thumbnail.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20312 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20313 | | | | ImageMagick: Cipher leak when | +| | | | | | the calculating signatures | +| | | | | | in TransformSignatureof | +| | | | | | MagickCore/signature.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20313 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-20241 | MEDIUM | | | ImageMagick: Division by zero in | +| | | | | | WriteJP2Image() in coders/jp2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20241 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20243 | | | | ImageMagick: Division by | +| | | | | | zero in GetResizeFilterWeight | +| | | | | | in MagickCore/resize.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20243 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20244 | | | | ImageMagick: Division by | +| | | | | | zero in ImplodeImage in | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20245 | | | | ImageMagick: Division by zero | +| | | | | | in WriteAnimatedWEBPImage() | +| | | | | | in coders/webp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20246 | | | | ImageMagick: Division by | +| | | | | | zero in ScaleResampleFilter | +| | | | | | in MagickCore/resample.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-39212 | | | | ImageMagick: possible read | +| | | | | | or write in postscript files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39212 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2005-0406 | LOW | | | A design flaw in image | +| | | | | | processing software that | +| | | | | | modifies JPEG images might... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-0406 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-3134 | | | | GraphicsMagick/ImageMagick: | +| | | | | | multiple crash or DoS issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-3134 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8678 | | | | ImageMagick: Heap-buffer | +| | | | | | overflow in IsPixelMonochrome | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8678 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11754 | | | | ImageMagick: Memory leak | +| | | | | | in WritePICONImage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11754 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11755 | | | | ImageMagick: Memory leak in | +| | | | | | WritePICONImage function via | +| | | | | | mishandled AcquireSemaphoreInfo call | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7275 | | | | ImageMagick: Memory allocation | +| | | | | | failure in AcquireMagickMemory | +| | | | | | (incomplete fix for CVE-2016-8866) | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7275 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-15607 | | | | ImageMagick: CPU Exhaustion | +| | | | | | via crafted input file | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-15607 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20311 | | | | ImageMagick: Division by | +| | | | | | zero in sRGBTransformImage() | +| | | | | | in MagickCore/colorspace.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20311 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-34183 | | | | ImageMagick: memory leak | +| | | | | | in AcquireSemaphoreMemory() | +| | | | | | in semaphore.c and | +| | | | | | AcquireMagickMemory() in memory.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-34183 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libmagickwand-6.q16-6 | CVE-2021-20309 | HIGH | | | ImagemMagick: Division | +| | | | | | by zero in WaveImage() of | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20309 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20312 | | | | ImageMagick: Integer overflow | +| | | | | | in WriteTHUMBNAILImage | +| | | | | | of coders/thumbnail.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20312 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20313 | | | | ImageMagick: Cipher leak when | +| | | | | | the calculating signatures | +| | | | | | in TransformSignatureof | +| | | | | | MagickCore/signature.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20313 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-20241 | MEDIUM | | | ImageMagick: Division by zero in | +| | | | | | WriteJP2Image() in coders/jp2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20241 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20243 | | | | ImageMagick: Division by | +| | | | | | zero in GetResizeFilterWeight | +| | | | | | in MagickCore/resize.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20243 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20244 | | | | ImageMagick: Division by | +| | | | | | zero in ImplodeImage in | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20245 | | | | ImageMagick: Division by zero | +| | | | | | in WriteAnimatedWEBPImage() | +| | | | | | in coders/webp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20246 | | | | ImageMagick: Division by | +| | | | | | zero in ScaleResampleFilter | +| | | | | | in MagickCore/resample.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-39212 | | | | ImageMagick: possible read | +| | | | | | or write in postscript files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39212 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2005-0406 | LOW | | | A design flaw in image | +| | | | | | processing software that | +| | | | | | modifies JPEG images might... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-0406 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-3134 | | | | GraphicsMagick/ImageMagick: | +| | | | | | multiple crash or DoS issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-3134 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8678 | | | | ImageMagick: Heap-buffer | +| | | | | | overflow in IsPixelMonochrome | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8678 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11754 | | | | ImageMagick: Memory leak | +| | | | | | in WritePICONImage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11754 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11755 | | | | ImageMagick: Memory leak in | +| | | | | | WritePICONImage function via | +| | | | | | mishandled AcquireSemaphoreInfo call | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7275 | | | | ImageMagick: Memory allocation | +| | | | | | failure in AcquireMagickMemory | +| | | | | | (incomplete fix for CVE-2016-8866) | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7275 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-15607 | | | | ImageMagick: CPU Exhaustion | +| | | | | | via crafted input file | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-15607 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20311 | | | | ImageMagick: Division by | +| | | | | | zero in sRGBTransformImage() | +| | | | | | in MagickCore/colorspace.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20311 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-34183 | | | | ImageMagick: memory leak | +| | | | | | in AcquireSemaphoreMemory() | +| | | | | | in semaphore.c and | +| | | | | | AcquireMagickMemory() in memory.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-34183 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libncurses6 | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++---------------------------+ + + +---------------+ + +| libncursesw6 | | | | | | +| | | | | | | +| | | | | | | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libopenjp2-7 | CVE-2021-3575 | HIGH | 2.4.0-3 | | openjpeg: heap-buffer-overflow | +| | | | | | in color.c may lead to DoS or | +| | | | | | arbitrary code execution... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3575 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-29338 | MEDIUM | | | openjpeg: out-of-bounds write due to | +| | | | | | an integer overflow in opj_compress.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-29338 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2016-10505 | LOW | | | openjpeg: NULL pointer dereference | +| | | | | | in imagetopnm function in convert.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10505 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10506 | | | | openjpeg: Division by zero in | +| | | | | | functions opj_pi_next_cprl, | +| | | | | | opj_pi_next_pcrl, and | +| | | | | | opj_pi_next_rpcl in pi.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10506 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9113 | | | | CVE-2016-9114 CVE-2016-9115 | +| | | | | | CVE-2016-9116 CVE-2016-9117 | +| | | | | | CVE-2016-9118 openjpeg2: | +| | | | | | Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9113 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9114 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9114 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9115 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9115 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9116 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9116 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9117 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9117 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9580 | | | | openjpeg2: Integer overflow | +| | | | | | in tiftoimage causes | +| | | | | | heap buffer overflow | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9581 | | | | openjpeg2: Infinite loop | +| | | | | | in tiftoimage resulting | +| | | | | | into heap buffer overflow | +| | | | | | in convert_32s_C1P1... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17479 | | | | openjpeg: Stack-buffer overflow | +| | | | | | in the pgxtoimage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17479 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-16375 | | | | openjpeg: Heap-based buffer | +| | | | | | overflow in pnmtoimage | +| | | | | | function in bin/jpwl/convert.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-16375 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-16376 | | | | openjpeg: Heap-based buffer overflow | +| | | | | | in function t2_encode_packet | +| | | | | | in src/lib/openmj2/t2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-16376 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20846 | | | | openjpeg: out-of-bounds read in | +| | | | | | functions pi_next_lrcp, pi_next_rlcp, | +| | | | | | pi_next_rpcl, pi_next_pcrl, | +| | | | | | pi_next_rpcl, and pi_next_cprl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20846 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-6988 | | | | openjpeg: DoS via memory | +| | | | | | exhaustion in opj_decompress | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-6988 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libpcre3 | CVE-2017-11164 | | 2:8.39-13 | | pcre: OP_KETRMAX feature in the | +| | | | | | match function in pcre_exec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-16231 | | | | pcre: self-recursive call | +| | | | | | in match() in pcre_exec.c | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20838 | | | | pcre: Buffer over-read in JIT | +| | | | | | when UTF is disabled and \X or... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libperl5.32 | CVE-2020-16156 | MEDIUM | 5.32.1-4+deb11u2 | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libpng16-16 | CVE-2019-6129 | | 1.6.37-3 | | libpng: memory leak of | +| | | | | | png_info struct in pngcp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-6129 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libsepol1 | CVE-2021-36084 | | 3.1-1 | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36085 | | | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36086 | | | | libsepol: use-after-free in | +| | | | | | cil_reset_classpermission() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36087 | | | | libsepol: heap-based buffer | +| | | | | | overflow in ebitmap_match_any() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libsqlite3-0 | CVE-2021-36690 | | 3.34.1-3 | | ** DISPUTED ** A segmentation | +| | | | | | fault can occur in the | +| | | | | | sqlite3.exe command-line... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36690 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libssl1.1 | CVE-2007-6755 | | 1.1.1k-1+deb11u1 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libsystemd0 | CVE-2013-4392 | | 247.3-6 | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libtiff5 | CVE-2014-8130 | | 4.2.0-1 | | libtiff: divide by zero | +| | | | | | in the tiffdither tool | +| | | | | | -->avd.aquasec.com/nvd/cve-2014-8130 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-16232 | | | | libtiff: Memory leaks in | +| | | | | | tif_open.c, tif_lzw.c, and tif_aux.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16232 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17973 | | | | libtiff: heap-based use after | +| | | | | | free in tiff2pdf.c:t2p_writeproc | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17973 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-5563 | | | | libtiff: Heap-buffer overflow | +| | | | | | in LZWEncode tif_lzw.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-5563 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-9117 | | | | libtiff: Heap-based buffer | +| | | | | | over-read in bmp2tiff | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-9117 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-10126 | | | | libtiff: NULL pointer dereference | +| | | | | | in the jpeg_fdct_16x16 | +| | | | | | function in jfdctint.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-10126 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libtinfo6 | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libudev1 | CVE-2013-4392 | | 247.3-6 | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libwebp6 | CVE-2016-9085 | | 0.6.1-2.1 | | libwebp: Several integer overflows | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9085 | ++---------------------------+ + + +---------------+ + +| libwebpdemux2 | | | | | | +| | | | | | | ++---------------------------+ + + +---------------+ + +| libwebpmux3 | | | | | | +| | | | | | | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| linux-libc-dev | CVE-2021-43267 | CRITICAL | 5.10.70-1 | | kernel: Insufficient validation | +| | | | | | of user-supplied sizes for | +| | | | | | the MSG_CRYPTO message type | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43267 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-7445 | HIGH | | | kernel: memory exhaustion via | +| | | | | | crafted Graphics Execution | +| | | | | | Manager (GEM) objects | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-7445 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19378 | | | | kernel: out-of-bounds write in | +| | | | | | index_rbio_pages in fs/btrfs/raid56.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19378 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19449 | | | | kernel: mounting a crafted | +| | | | | | f2fs filesystem image can lead | +| | | | | | to slab-out-of-bounds read... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19449 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19814 | | | | kernel: out-of-bounds write | +| | | | | | in __remove_dirty_segment | +| | | | | | in fs/f2fs/segment.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19814 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-12362 | | | | kernel: Integer overflow in | +| | | | | | Intel(R) Graphics Drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-12362 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26556 | | | | kernel: malleable commitment | +| | | | | | Bluetooth Mesh Provisioning | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26556 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26557 | | | | kernel: predictable | +| | | | | | Authvalue in Bluetooth Mesh | +| | | | | | Provisioning Leads to MITM | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26557 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26559 | | | | kernel: Authvalue leak in | +| | | | | | Bluetooth Mesh Provisioning | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26559 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26560 | | | | kernel: impersonation attack | +| | | | | | in Bluetooth Mesh Provisioning | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26560 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3752 | | | | kernel: possible use-after-free | +| | | | | | in bluetooth module | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4001 | | | | kernel: race condition | +| | | | | | when the EBPF map is frozen | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4001 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4028 | | | | kernel: use-after-free | +| | | | | | in RDMA listen() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4028 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-41864 | | | | kernel: eBPF multiplication | +| | | | | | integer overflow in | +| | | | | | prealloc_elems_and_freelist() | +| | | | | | in kernel/bpf/stackmap.c | +| | | | | | leads to out-of-bounds... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-41864 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-15213 | MEDIUM | | | kernel: use-after-free caused | +| | | | | | by malicious USB device in | +| | | | | | drivers/media/usb/dvb-usb/dvb-usb-init.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15213 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15794 | | | | kernel: Overlayfs in the | +| | | | | | Linux kernel and shiftfs | +| | | | | | not restoring original... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15794 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16089 | | | | kernel: Improper return check | +| | | | | | in nbd_genl_status function | +| | | | | | in drivers/block/nbd.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16089 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20794 | | | | kernel: task processes not | +| | | | | | being properly ended could | +| | | | | | lead to resource exhaustion... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20794 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-12363 | | | | kernel: Improper input validation | +| | | | | | in some Intel(R) Graphics Drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-12363 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-12364 | | | | kernel: Null pointer dereference | +| | | | | | in some Intel(R) Graphics Drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-12364 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-14304 | | | | kernel: ethtool when reading | +| | | | | | eeprom of device could | +| | | | | | lead to memory leak... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-14304 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15802 | | | | hardware: BLURtooth: "Dual | +| | | | | | mode" hardware using CTKD are | +| | | | | | vulnerable to key overwrite... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15802 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-24504 | | | | kernel: Uncontrolled resource | +| | | | | | consumption in some Intel(R) | +| | | | | | Ethernet E810 Adapter drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-24504 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26555 | | | | kernel: Bluetooth BR/EDR PIN | +| | | | | | Pairing procedure is vulnerable | +| | | | | | to an impersonation attack... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26555 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20321 | | | | kernel: In Overlayfs missing | +| | | | | | a check for a negative | +| | | | | | dentry before calling... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20321 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3640 | | | | kernel: use-after-free vulnerability | +| | | | | | in function sco_sock_sendmsg() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3640 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3669 | | | | kernel: reading /proc/sysvipc/shm | +| | | | | | does not scale with large | +| | | | | | shared memory segment counts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3669 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3744 | | | | kernel: crypto: ccp - fix resource | +| | | | | | leaks in ccp_run_aes_gcm_cmd() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3744 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3759 | | | | kernel: unaccounted ipc | +| | | | | | objects in Linux kernel lead | +| | | | | | to breaking memcg limits... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3759 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3764 | | | | kernel: DoS in | +| | | | | | ccp_run_aes_gcm_cmd() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3764 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3772 | | | | kernel: sctp: Invalid chunks | +| | | | | | may be used to remotely remove | +| | | | | | existing associations... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3772 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3847 | | | | kernel: low-privileged | +| | | | | | user privileges escalation | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3847 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3892 | | | | kernel: memory leak | +| | | | | | in fib6_rule_suppress | +| | | | | | could result in DoS | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3892 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4002 | | | | kernel: possible leak or coruption | +| | | | | | of data residing on hugetlbfs | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4002 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4037 | | | | kernel: security regression | +| | | | | | for CVE-2018-13405 | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4037 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42327 | | | | kernel: heap-based buffer overflow | +| | | | | | in dp_link_settings_write() in | +| | | | | | drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42327 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42739 | | | | kernel: Heap buffer | +| | | | | | overflow in firedtv driver | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42739 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43056 | | | | kernel: ppc: kvm: allows a malicious | +| | | | | | KVM guest to crash the host... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43056 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43389 | | | | kernel: an array-index-out-bounds | +| | | | | | in detach_capi_ctr in | +| | | | | | drivers/isdn/capi/kcapi.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43389 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43975 | | | | kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in | +| | | | | | drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43975 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43976 | | | | kernel: mwifiex_usb_recv() in | +| | | | | | drivers/net/wireless/marvell/mwifiex/usb.c | +| | | | | | allows an attacker to | +| | | | | | cause DoS via crafted... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43976 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2004-0230 | LOW | | | TCP, when using a large Window | +| | | | | | Size, makes it easier for remote... | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0230 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2005-3660 | | | | Linux kernel 2.4 and 2.6 allows | +| | | | | | attackers to cause a denial of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-3660 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3719 | | | | kernel: secretly Monopolizing the | +| | | | | | CPU Without Superuser Privileges | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3719 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-2544 | | | | kernel: mounting proc | +| | | | | | readonly on a different mount | +| | | | | | point silently mounts it... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-2544 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-4609 | | | | kernel: TCP protocol | +| | | | | | vulnerabilities from Outpost24 | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-4609 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-4563 | | | | kernel: ipv6: sniffer detection | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4563 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-5321 | | | | kernel: v4l: videobuf: hotfix a | +| | | | | | bug on multiple calls to mmap() | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-5321 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2011-4915 | | | | fs/proc/base.c in the Linux | +| | | | | | kernel through 3.1 allows | +| | | | | | local users to obtain... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4915 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2011-4917 | | | | -->avd.aquasec.com/nvd/cve-2011-4917 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2012-4542 | | | | kernel: block: default SCSI | +| | | | | | command filter does not accomodate | +| | | | | | commands overlap across... | +| | | | | | -->avd.aquasec.com/nvd/cve-2012-4542 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2014-9892 | | | | The snd_compr_tstamp function in | +| | | | | | sound/core/compress_offload.c in | +| | | | | | the Linux kernel through 4.7, as... | +| | | | | | -->avd.aquasec.com/nvd/cve-2014-9892 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2014-9900 | | | | kernel: Info leak in uninitialized | +| | | | | | structure ethtool_wolinfo | +| | | | | | in ethtool_get_wol() | +| | | | | | -->avd.aquasec.com/nvd/cve-2014-9900 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2015-2877 | | | | Kernel: Cross-VM ASL | +| | | | | | INtrospection (CAIN) | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-2877 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10723 | | | | ** DISPUTED ** An issue | +| | | | | | was discovered in the | +| | | | | | Linux kernel through... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10723 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8660 | | | | kernel: xfs: local DoS due to | +| | | | | | a page lock order bug in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8660 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-0630 | | | | kernel: Information | +| | | | | | disclosure vulnerability | +| | | | | | in kernel trace subsystem | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-0630 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-13693 | | | | kernel: ACPI operand | +| | | | | | cache leak in dsutils.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13693 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-13694 | | | | kernel: ACPI node and | +| | | | | | node_ext cache leak | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13694 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-1121 | | | | procps-ng, procps: process | +| | | | | | hiding through race | +| | | | | | condition enumerating /proc | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-1121 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12928 | | | | kernel: NULL pointer dereference | +| | | | | | in hfs_ext_read_extent in hfs.ko | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12928 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-17977 | | | | kernel: Mishandled interactions among | +| | | | | | XFRM Netlink messages, IPPROTO_AH | +| | | | | | packets, and IPPROTO_IP packets... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-17977 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-11191 | | | | kernel: race condition in | +| | | | | | load_aout_binary() allows local | +| | | | | | users to bypass ASLR on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-11191 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12378 | | | | kernel: unchecked kmalloc | +| | | | | | of new_ra in ip6_ra_control | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12378 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12379 | | | | kernel: memory leak in | +| | | | | | con_insert_unipair in | +| | | | | | drivers/tty/vt/consolemap.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12379 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12380 | | | | kernel: memory allocation | +| | | | | | failure in the efi subsystem | +| | | | | | leads to denial of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12380 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12381 | | | | kernel: unchecked kmalloc | +| | | | | | of new_ra in ip_ra_control | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12381 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12382 | | | | kernel: unchecked kstrdup of | +| | | | | | fwstr in drm_load_edid_firmware | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12382 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12455 | | | | kernel: null pointer dereference | +| | | | | | in sunxi_divs_clk_setup in | +| | | | | | drivers/clk/sunxi/clk-sunxi.c | +| | | | | | causing denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12455 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12456 | | | | kernel: double fetch in the | +| | | | | | MPT3COMMAND case in _ctl_ioctl_main | +| | | | | | in drivers/scsi/mpt3sas/mpt3sas_ctl.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12456 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16229 | | | | kernel: null pointer dereference in | +| | | | | | drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16229 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16230 | | | | kernel: null pointer dereference in | +| | | | | | drivers/gpu/drm/radeon/radeon_display.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16230 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16231 | | | | kernel: null-pointer dereference | +| | | | | | in drivers/net/fjes/fjes_main.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16231 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16232 | | | | kernel: null-pointer dereference in | +| | | | | | drivers/net/wireless/marvell/libertas/if_sdio.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16232 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16233 | | | | kernel: null pointer dereference | +| | | | | | in drivers/scsi/qla2xxx/qla_os.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16233 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16234 | | | | kernel: null pointer dereference in | +| | | | | | drivers/net/wireless/intel/iwlwifi/pcie/trans.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16234 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19070 | | | | kernel: A memory leak in the | +| | | | | | spi_gpio_probe() function in | +| | | | | | drivers/spi/spi-gpio.c allows for... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19070 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-11725 | | | | kernel: improper handling of | +| | | | | | private_size*count multiplication | +| | | | | | due to count=info->owner typo | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-11725 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27820 | | | | kernel: use-after-free | +| | | | | | in nouveau kernel module | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27820 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35501 | | | | kernel: audit not logging access | +| | | | | | to syscall open_by_handle_at for | +| | | | | | users with CAP_DAC_READ_SEARCH... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35501 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-26934 | | | | An issue was discovered in the Linux | +| | | | | | kernel 4.18 through 5.10.16, as... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-26934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-32078 | | | | kernel: out-of-bounds read in | +| | | | | | arch/arm/mach-footbridge/personal-pci.c | +| | | | | | due to improper input validation | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-32078 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3760 | | | | kernel: nfc: Use-After-Free | +| | | | | | vulnerability of | +| | | | | | ndev->rf_conn_info object | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3760 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| login | CVE-2007-5686 | | 1:4.8.1-1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| m4 | CVE-2008-1687 | | 1.4.18-5 | | m4: unquoted output of | +| | | | | | maketemp and mkstemp | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-1687 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-1688 | | | | m4: code execution via -F argument | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-1688 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| ncurses-base | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++---------------------------+ + + +---------------+ + +| ncurses-bin | | | | | | +| | | | | | | +| | | | | | | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| openssl | CVE-2007-6755 | | 1.1.1k-1+deb11u1 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| passwd | CVE-2007-5686 | | 1:4.8.1-1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| patch | CVE-2010-4651 | | 2.7.6-7 | | patch: directory traversal flaw | +| | | | | | allows for arbitrary file creation | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4651 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-6951 | | | | patch: NULL pointer dereference | +| | | | | | in pch.c:intuit_diff_type() | +| | | | | | causes a crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6951 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-6952 | | | | patch: Double free of memory in | +| | | | | | pch.c:another_hunk() causes a crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6952 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| perl | CVE-2020-16156 | MEDIUM | 5.32.1-4+deb11u2 | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| perl-base | CVE-2020-16156 | MEDIUM | | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| perl-modules-5.32 | CVE-2020-16156 | MEDIUM | | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| re2c | CVE-2018-21232 | | 2.0.3-1 | | re2c: uncontrolled recursion | +| | | | | | that causes stack consumption | +| | | | | | in find_fixed_tags | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-21232 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| tar | CVE-2005-2541 | | 1.34+dfsg-1 | | tar: does not properly warn the user | +| | | | | | when extracting setuid or setgid... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ + +usr/src/nextcloud/3rdparty/composer.lock (composer) +=================================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/3rdparty/egulias/email-validator/composer.lock (composer) +=========================================================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/apps/circles/composer.lock (composer) +======================================================= +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/apps/files_external/3rdparty/composer.lock (composer) +======================================================================= +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/apps/support/composer.lock (composer) +======================================================= +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + +``` + +**Container: tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e** + +``` +2021-12-03T20:42:44.996Z INFO Detected OS: debian +2021-12-03T20:42:44.996Z INFO Detecting Debian vulnerabilities... +2021-12-03T20:42:45.059Z INFO Number of language-specific files: 5 +2021-12-03T20:42:45.059Z INFO Detecting composer vulnerabilities... + +tccr.io/truecharts/nextcloud:v23.0.0@sha256:14b9b85250c984c6c4083f4509b84c98587d0913ec997c57a300c503f5c0344e (debian 11.1) +========================================================================================================================== +Total: 449 (UNKNOWN: 0, LOW: 332, MEDIUM: 66, HIGH: 40, CRITICAL: 11) + ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| apache2 | CVE-2001-1534 | LOW | 2.4.51-1~deb11u1 | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| apache2-bin | CVE-2001-1534 | | | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| apache2-data | CVE-2001-1534 | | | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| apache2-utils | CVE-2001-1534 | | | | mod_usertrack in Apache | +| | | | | | 1.3.11 through 1.3.20 | +| | | | | | generates session ID's using | +| | | | | | predictable information... | +| | | | | | -->avd.aquasec.com/nvd/cve-2001-1534 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1307 | | | | ** DISPUTED ** The mod_php module | +| | | | | | for the Apache HTTP Server... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1307 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1580 | | | | The Apache HTTP Server | +| | | | | | 2.0.44, when DNS resolution | +| | | | | | is enabled for client... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2003-1581 | | | | httpd: Injection of arbitrary | +| | | | | | text into log files when | +| | | | | | DNS resolution is... | +| | | | | | -->avd.aquasec.com/nvd/cve-2003-1581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-0086 | | | | ** DISPUTED ** The Apache HTTP | +| | | | | | Server, when accessed through a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-0086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-1743 | | | | suexec in Apache HTTP Server | +| | | | | | (httpd) 2.2.3 does not | +| | | | | | verify combinations of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-1743 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3303 | | | | Apache httpd 2.0.59 and | +| | | | | | 2.2.4, with the Prefork | +| | | | | | MPM module, allows local... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3303 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-0456 | | | | httpd: mod_negotiation CRLF | +| | | | | | injection via untrusted file names | +| | | | | | in directories with MultiViews... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-0456 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| apt | CVE-2011-3374 | | 2.2.4 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| binutils | CVE-2017-13716 | | 2.35.2-2 | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| binutils-common | CVE-2017-13716 | | | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| binutils-x86-64-linux-gnu | CVE-2017-13716 | | | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| busybox-static | CVE-2021-42377 | CRITICAL | 1:1.30.1-6 | | busybox: an attacker-controlled | +| | | | | | pointer free in hush applet | +| | | | | | leads to denial of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42377 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-28831 | HIGH | | | busybox: invalid free or segmentation | +| | | | | | fault via malformed gzip data | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-28831 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42378 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2018-1000500 | LOW | | | busybox: wget: Missing | +| | | | | | SSL certificate validation | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000500 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42373 | | | | busybox: NULL pointer | +| | | | | | dereference in man applet | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42373 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42374 | | | | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42375 | | | | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42376 | | | | busybox: NULL pointer | +| | | | | | dereference in hush applet | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42376 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| coreutils | CVE-2016-2781 | | 8.32-4 | | coreutils: Non-privileged | +| | | | | | session can escape to the | +| | | | | | parent session in chroot | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-18018 | | | | coreutils: race condition | +| | | | | | vulnerability in chown and chgrp | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| curl | CVE-2021-22945 | CRITICAL | 7.74.0-1.3 | | curl: use-after-free and | +| | | | | | double-free in MQTT sending | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22945 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22946 | HIGH | | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| imagemagick-6-common | CVE-2021-20309 | HIGH | 8:6.9.11.60+dfsg-1.3 | | ImagemMagick: Division | +| | | | | | by zero in WaveImage() of | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20309 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20312 | | | | ImageMagick: Integer overflow | +| | | | | | in WriteTHUMBNAILImage | +| | | | | | of coders/thumbnail.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20312 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20313 | | | | ImageMagick: Cipher leak when | +| | | | | | the calculating signatures | +| | | | | | in TransformSignatureof | +| | | | | | MagickCore/signature.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20313 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-20241 | MEDIUM | | | ImageMagick: Division by zero in | +| | | | | | WriteJP2Image() in coders/jp2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20241 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20243 | | | | ImageMagick: Division by | +| | | | | | zero in GetResizeFilterWeight | +| | | | | | in MagickCore/resize.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20243 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20244 | | | | ImageMagick: Division by | +| | | | | | zero in ImplodeImage in | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20245 | | | | ImageMagick: Division by zero | +| | | | | | in WriteAnimatedWEBPImage() | +| | | | | | in coders/webp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20246 | | | | ImageMagick: Division by | +| | | | | | zero in ScaleResampleFilter | +| | | | | | in MagickCore/resample.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-39212 | | | | ImageMagick: possible read | +| | | | | | or write in postscript files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39212 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2005-0406 | LOW | | | A design flaw in image | +| | | | | | processing software that | +| | | | | | modifies JPEG images might... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-0406 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-3134 | | | | GraphicsMagick/ImageMagick: | +| | | | | | multiple crash or DoS issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-3134 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8678 | | | | ImageMagick: Heap-buffer | +| | | | | | overflow in IsPixelMonochrome | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8678 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11754 | | | | ImageMagick: Memory leak | +| | | | | | in WritePICONImage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11754 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11755 | | | | ImageMagick: Memory leak in | +| | | | | | WritePICONImage function via | +| | | | | | mishandled AcquireSemaphoreInfo call | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7275 | | | | ImageMagick: Memory allocation | +| | | | | | failure in AcquireMagickMemory | +| | | | | | (incomplete fix for CVE-2016-8866) | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7275 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-15607 | | | | ImageMagick: CPU Exhaustion | +| | | | | | via crafted input file | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-15607 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20311 | | | | ImageMagick: Division by | +| | | | | | zero in sRGBTransformImage() | +| | | | | | in MagickCore/colorspace.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20311 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-34183 | | | | ImageMagick: memory leak | +| | | | | | in AcquireSemaphoreMemory() | +| | | | | | in semaphore.c and | +| | | | | | AcquireMagickMemory() in memory.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-34183 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libaom0 | CVE-2021-30473 | CRITICAL | 1.0.0.errata1-3 | | aom_image.c in libaom in | +| | | | | | AOMedia before 2021-04-07 | +| | | | | | frees memory that is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-30473 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-30474 | | | | aom_dsp/grain_table.c in | +| | | | | | libaom in AOMedia before | +| | | | | | 2021-03-30 has a use-after-free. | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-30474 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-30475 | | | | aom_dsp/noise_model.c in libaom | +| | | | | | in AOMedia before 2021-03-24 | +| | | | | | has a buffer overflow. | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-30475 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libapt-pkg6.0 | CVE-2011-3374 | LOW | 2.2.4 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libbinutils | CVE-2017-13716 | | 2.35.2-2 | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libc-bin | CVE-2021-33574 | CRITICAL | 2.31-13+deb11u2 | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc-dev-bin | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc6 | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc6-dev | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43396 | | | | glibc: conversion from | +| | | | | | ISO-2022-JP-3 with iconv may | +| | | | | | emit spurious NUL character on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libctf-nobfd0 | CVE-2017-13716 | | 2.35.2-2 | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libctf0 | CVE-2017-13716 | | | | binutils: Memory leak with the C++ | +| | | | | | symbol demangler routine in libiberty | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13716 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12934 | | | | binutils: Uncontrolled | +| | | | | | Resource Consumption in | +| | | | | | remember_Ktype in cplus-dem.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-18483 | | | | binutils: Integer overflow | +| | | | | | in cplus-dem.c:get_count() | +| | | | | | allows for denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-18483 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20623 | | | | binutils: Use-after-free | +| | | | | | in the error function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20623 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20673 | | | | libiberty: Integer overflow in | +| | | | | | demangle_template() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20712 | | | | libiberty: heap-based buffer | +| | | | | | over-read in d_expression_1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20712 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-9996 | | | | binutils: Stack-overflow in | +| | | | | | libiberty/cplus-dem.c causes crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-9996 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010204 | | | | binutils: Improper Input Validation, | +| | | | | | Signed/Unsigned Comparison, | +| | | | | | Out-of-bounds Read in gold/fileread.cc | +| | | | | | and elfcpp/elfcpp_file.h... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010204 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35448 | | | | binutils: Heap-based buffer overflow | +| | | | | | in bfd_getl_signed_32() in libbfd.c | +| | | | | | because sh_entsize is not... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35448 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20197 | | | | binutils: Race window allows | +| | | | | | users to own arbitrary files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20197 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20284 | | | | binutils: Heap-based | +| | | | | | buffer overflow in | +| | | | | | _bfd_elf_slurp_secondary_reloc_section | +| | | | | | in elf.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20284 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3487 | | | | binutils: Excessive debug | +| | | | | | section size can cause excessive | +| | | | | | memory consumption in bfd's... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3487 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3530 | | | | binutils: stack memory exhaustion in | +| | | | | | demangle_path() in rust-demangle.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3530 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3549 | | | | binutils: heap-based | +| | | | | | buffer overflow in | +| | | | | | avr_elf32_load_records_from_section() | +| | | | | | via large section parameter | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3549 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3648 | | | | binutils: infinite loop | +| | | | | | while demangling rust symbols | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3648 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-37322 | | | | GCC c++filt v2.26 was discovered | +| | | | | | to contain a use-after-free | +| | | | | | vulnerability via the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37322 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libcurl4 | CVE-2021-22945 | CRITICAL | 7.74.0-1.3 | | curl: use-after-free and | +| | | | | | double-free in MQTT sending | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22945 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22946 | HIGH | | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libde265-0 | CVE-2020-21598 | HIGH | 1.0.8-1 | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | ff_hevc_put_unweighted_pred_8_sse | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21598 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-21594 | MEDIUM | | | libde265 v1.0.4 contains | +| | | | | | a heap buffer overflow in | +| | | | | | the put_epel_hv_fallback | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21594 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21595 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | mc_luma function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21595 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21596 | | | | libde265 v1.0.4 contains a | +| | | | | | global buffer overflow in the | +| | | | | | decode_CABAC_bit function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21596 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21597 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | mc_chroma function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21597 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21599 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | de265_image::available_zscan | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21599 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21600 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | put_weighted_pred_avg_16_fallback | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21600 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21601 | | | | libde265 v1.0.4 contains a | +| | | | | | stack buffer overflow in the | +| | | | | | put_qpel_fallback function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21601 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21602 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | put_weighted_bipred_16_fallback | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21602 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21603 | | | | libde265 v1.0.4 contains a | +| | | | | | heap buffer overflow in the | +| | | | | | put_qpel_0_0_fallback_16 | +| | | | | | function, which... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21603 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21604 | | | | libde265 v1.0.4 contains a heap | +| | | | | | buffer overflow fault in the | +| | | | | | _mm_loadl_epi64 function,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21604 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21605 | | | | libde265 v1.0.4 contains | +| | | | | | a segmentation fault in | +| | | | | | the apply_sao_internal | +| | | | | | function, which can... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21605 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-21606 | | | | libde265 v1.0.4 contains a heap | +| | | | | | buffer overflow fault in the | +| | | | | | put_epel_16_fallback function,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-21606 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libexpat1 | CVE-2013-0340 | LOW | 2.2.10-2 | | expat: internal entity expansion | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-0340 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libgcrypt20 | CVE-2021-33560 | HIGH | 1.8.7-6 | | libgcrypt: mishandles ElGamal | +| | | | | | encryption because it lacks | +| | | | | | exponent blinding to address a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33560 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation | +| | | | | | doesn't have semantic security due | +| | | | | | to incorrectly encoded plaintexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libglib2.0-0 | CVE-2012-0039 | | 2.66.8-1 | | glib2: hash table | +| | | | | | collisions CPU usage DoS | +| | | | | | -->avd.aquasec.com/nvd/cve-2012-0039 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libgmp10 | CVE-2021-43618 | HIGH | 2:6.2.1+dfsg-1 | | gmp: Integer overflow and resultant | +| | | | | | buffer overflow via crafted input | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43618 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libgnutls30 | CVE-2011-3389 | LOW | 3.7.1-5 | | HTTPS: block-wise chosen-plaintext | +| | | | | | attack against SSL/TLS (BEAST) | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libgssapi-krb5-2 | CVE-2004-0971 | | 1.18.3-6+deb11u1 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libheif1 | CVE-2020-23109 | HIGH | 1.11.0-1 | | Buffer overflow vulnerability | +| | | | | | in function convert_colorspace | +| | | | | | in heif_colorconversion.cc | +| | | | | | in libheif v1.6.2, allows... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-23109 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libjansson4 | CVE-2020-36325 | LOW | 2.13.1-1.1 | | jansson: out-of-bounds read in | +| | | | | | json_loads() due to a parsing error | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-36325 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libjbig0 | CVE-2017-9937 | | 2.1-3.1 | | libtiff: memory malloc failure | +| | | | | | in tif_jbig.c could cause DOS. | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-9937 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libk5crypto3 | CVE-2004-0971 | | 1.18.3-6+deb11u1 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5-3 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5support0 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libldap-2.4-2 | CVE-2015-3276 | | 2.4.57+dfsg-3 | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++---------------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libldap-common | CVE-2015-3276 | | | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| liblua5.3-0 | CVE-2019-6706 | HIGH | 5.3.3-1.1 | | lua: use-after-free in | +| | | | | | lua_upvaluejoin in lapi.c | +| | | | | | resulting in denial of service | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-6706 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-24370 | MEDIUM | | | lua: segmentation fault in getlocal | +| | | | | | and setlocal functions in ldebug.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-24370 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43519 | | | | Stack overflow in lua_resume | +| | | | | | of ldo.c in Lua Interpreter | +| | | | | | 5.1.0~5.4.4 allows attackers... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43519 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libmagickcore-6.q16-6 | CVE-2021-20309 | HIGH | 8:6.9.11.60+dfsg-1.3 | | ImagemMagick: Division | +| | | | | | by zero in WaveImage() of | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20309 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20312 | | | | ImageMagick: Integer overflow | +| | | | | | in WriteTHUMBNAILImage | +| | | | | | of coders/thumbnail.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20312 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20313 | | | | ImageMagick: Cipher leak when | +| | | | | | the calculating signatures | +| | | | | | in TransformSignatureof | +| | | | | | MagickCore/signature.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20313 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-20241 | MEDIUM | | | ImageMagick: Division by zero in | +| | | | | | WriteJP2Image() in coders/jp2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20241 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20243 | | | | ImageMagick: Division by | +| | | | | | zero in GetResizeFilterWeight | +| | | | | | in MagickCore/resize.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20243 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20244 | | | | ImageMagick: Division by | +| | | | | | zero in ImplodeImage in | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20245 | | | | ImageMagick: Division by zero | +| | | | | | in WriteAnimatedWEBPImage() | +| | | | | | in coders/webp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20246 | | | | ImageMagick: Division by | +| | | | | | zero in ScaleResampleFilter | +| | | | | | in MagickCore/resample.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-39212 | | | | ImageMagick: possible read | +| | | | | | or write in postscript files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39212 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2005-0406 | LOW | | | A design flaw in image | +| | | | | | processing software that | +| | | | | | modifies JPEG images might... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-0406 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-3134 | | | | GraphicsMagick/ImageMagick: | +| | | | | | multiple crash or DoS issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-3134 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8678 | | | | ImageMagick: Heap-buffer | +| | | | | | overflow in IsPixelMonochrome | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8678 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11754 | | | | ImageMagick: Memory leak | +| | | | | | in WritePICONImage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11754 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11755 | | | | ImageMagick: Memory leak in | +| | | | | | WritePICONImage function via | +| | | | | | mishandled AcquireSemaphoreInfo call | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7275 | | | | ImageMagick: Memory allocation | +| | | | | | failure in AcquireMagickMemory | +| | | | | | (incomplete fix for CVE-2016-8866) | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7275 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-15607 | | | | ImageMagick: CPU Exhaustion | +| | | | | | via crafted input file | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-15607 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20311 | | | | ImageMagick: Division by | +| | | | | | zero in sRGBTransformImage() | +| | | | | | in MagickCore/colorspace.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20311 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-34183 | | | | ImageMagick: memory leak | +| | | | | | in AcquireSemaphoreMemory() | +| | | | | | in semaphore.c and | +| | | | | | AcquireMagickMemory() in memory.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-34183 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libmagickwand-6.q16-6 | CVE-2021-20309 | HIGH | | | ImagemMagick: Division | +| | | | | | by zero in WaveImage() of | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20309 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20312 | | | | ImageMagick: Integer overflow | +| | | | | | in WriteTHUMBNAILImage | +| | | | | | of coders/thumbnail.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20312 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20313 | | | | ImageMagick: Cipher leak when | +| | | | | | the calculating signatures | +| | | | | | in TransformSignatureof | +| | | | | | MagickCore/signature.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20313 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-20241 | MEDIUM | | | ImageMagick: Division by zero in | +| | | | | | WriteJP2Image() in coders/jp2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20241 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20243 | | | | ImageMagick: Division by | +| | | | | | zero in GetResizeFilterWeight | +| | | | | | in MagickCore/resize.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20243 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20244 | | | | ImageMagick: Division by | +| | | | | | zero in ImplodeImage in | +| | | | | | MagickCore/visual-effects.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20245 | | | | ImageMagick: Division by zero | +| | | | | | in WriteAnimatedWEBPImage() | +| | | | | | in coders/webp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20246 | | | | ImageMagick: Division by | +| | | | | | zero in ScaleResampleFilter | +| | | | | | in MagickCore/resample.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-39212 | | | | ImageMagick: possible read | +| | | | | | or write in postscript files | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39212 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2005-0406 | LOW | | | A design flaw in image | +| | | | | | processing software that | +| | | | | | modifies JPEG images might... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-0406 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-3134 | | | | GraphicsMagick/ImageMagick: | +| | | | | | multiple crash or DoS issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-3134 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8678 | | | | ImageMagick: Heap-buffer | +| | | | | | overflow in IsPixelMonochrome | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8678 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11754 | | | | ImageMagick: Memory leak | +| | | | | | in WritePICONImage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11754 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-11755 | | | | ImageMagick: Memory leak in | +| | | | | | WritePICONImage function via | +| | | | | | mishandled AcquireSemaphoreInfo call | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7275 | | | | ImageMagick: Memory allocation | +| | | | | | failure in AcquireMagickMemory | +| | | | | | (incomplete fix for CVE-2016-8866) | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7275 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-15607 | | | | ImageMagick: CPU Exhaustion | +| | | | | | via crafted input file | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-15607 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20311 | | | | ImageMagick: Division by | +| | | | | | zero in sRGBTransformImage() | +| | | | | | in MagickCore/colorspace.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20311 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-34183 | | | | ImageMagick: memory leak | +| | | | | | in AcquireSemaphoreMemory() | +| | | | | | in semaphore.c and | +| | | | | | AcquireMagickMemory() in memory.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-34183 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libncurses6 | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++---------------------------+ + + +---------------+ + +| libncursesw6 | | | | | | +| | | | | | | +| | | | | | | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libopenjp2-7 | CVE-2021-3575 | HIGH | 2.4.0-3 | | openjpeg: heap-buffer-overflow | +| | | | | | in color.c may lead to DoS or | +| | | | | | arbitrary code execution... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3575 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-29338 | MEDIUM | | | openjpeg: out-of-bounds write due to | +| | | | | | an integer overflow in opj_compress.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-29338 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2016-10505 | LOW | | | openjpeg: NULL pointer dereference | +| | | | | | in imagetopnm function in convert.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10505 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10506 | | | | openjpeg: Division by zero in | +| | | | | | functions opj_pi_next_cprl, | +| | | | | | opj_pi_next_pcrl, and | +| | | | | | opj_pi_next_rpcl in pi.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10506 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9113 | | | | CVE-2016-9114 CVE-2016-9115 | +| | | | | | CVE-2016-9116 CVE-2016-9117 | +| | | | | | CVE-2016-9118 openjpeg2: | +| | | | | | Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9113 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9114 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9114 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9115 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9115 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9116 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9116 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9117 | | | | CVE-2016-9113 CVE-2016-9114 | +| | | | | | CVE-2016-9115 CVE-2016-9116 | +| | | | | | CVE-2016-9117 CVE-2016-9118 | +| | | | | | openjpeg2: Multiple security issues | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9117 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9580 | | | | openjpeg2: Integer overflow | +| | | | | | in tiftoimage causes | +| | | | | | heap buffer overflow | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9580 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-9581 | | | | openjpeg2: Infinite loop | +| | | | | | in tiftoimage resulting | +| | | | | | into heap buffer overflow | +| | | | | | in convert_32s_C1P1... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9581 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17479 | | | | openjpeg: Stack-buffer overflow | +| | | | | | in the pgxtoimage function | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17479 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-16375 | | | | openjpeg: Heap-based buffer | +| | | | | | overflow in pnmtoimage | +| | | | | | function in bin/jpwl/convert.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-16375 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-16376 | | | | openjpeg: Heap-based buffer overflow | +| | | | | | in function t2_encode_packet | +| | | | | | in src/lib/openmj2/t2.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-16376 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20846 | | | | openjpeg: out-of-bounds read in | +| | | | | | functions pi_next_lrcp, pi_next_rlcp, | +| | | | | | pi_next_rpcl, pi_next_pcrl, | +| | | | | | pi_next_rpcl, and pi_next_cprl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20846 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-6988 | | | | openjpeg: DoS via memory | +| | | | | | exhaustion in opj_decompress | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-6988 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libpcre3 | CVE-2017-11164 | | 2:8.39-13 | | pcre: OP_KETRMAX feature in the | +| | | | | | match function in pcre_exec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-16231 | | | | pcre: self-recursive call | +| | | | | | in match() in pcre_exec.c | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20838 | | | | pcre: Buffer over-read in JIT | +| | | | | | when UTF is disabled and \X or... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| libperl5.32 | CVE-2020-16156 | MEDIUM | 5.32.1-4+deb11u2 | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libpng16-16 | CVE-2019-6129 | | 1.6.37-3 | | libpng: memory leak of | +| | | | | | png_info struct in pngcp.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-6129 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libsepol1 | CVE-2021-36084 | | 3.1-1 | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36085 | | | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36086 | | | | libsepol: use-after-free in | +| | | | | | cil_reset_classpermission() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36087 | | | | libsepol: heap-based buffer | +| | | | | | overflow in ebitmap_match_any() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libsqlite3-0 | CVE-2021-36690 | | 3.34.1-3 | | ** DISPUTED ** A segmentation | +| | | | | | fault can occur in the | +| | | | | | sqlite3.exe command-line... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36690 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libssl1.1 | CVE-2007-6755 | | 1.1.1k-1+deb11u1 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libsystemd0 | CVE-2013-4392 | | 247.3-6 | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libtiff5 | CVE-2014-8130 | | 4.2.0-1 | | libtiff: divide by zero | +| | | | | | in the tiffdither tool | +| | | | | | -->avd.aquasec.com/nvd/cve-2014-8130 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-16232 | | | | libtiff: Memory leaks in | +| | | | | | tif_open.c, tif_lzw.c, and tif_aux.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16232 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17973 | | | | libtiff: heap-based use after | +| | | | | | free in tiff2pdf.c:t2p_writeproc | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17973 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-5563 | | | | libtiff: Heap-buffer overflow | +| | | | | | in LZWEncode tif_lzw.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-5563 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-9117 | | | | libtiff: Heap-based buffer | +| | | | | | over-read in bmp2tiff | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-9117 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-10126 | | | | libtiff: NULL pointer dereference | +| | | | | | in the jpeg_fdct_16x16 | +| | | | | | function in jfdctint.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-10126 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libtinfo6 | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libudev1 | CVE-2013-4392 | | 247.3-6 | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| libwebp6 | CVE-2016-9085 | | 0.6.1-2.1 | | libwebp: Several integer overflows | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9085 | ++---------------------------+ + + +---------------+ + +| libwebpdemux2 | | | | | | +| | | | | | | ++---------------------------+ + + +---------------+ + +| libwebpmux3 | | | | | | +| | | | | | | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| linux-libc-dev | CVE-2021-43267 | CRITICAL | 5.10.70-1 | | kernel: Insufficient validation | +| | | | | | of user-supplied sizes for | +| | | | | | the MSG_CRYPTO message type | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43267 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-7445 | HIGH | | | kernel: memory exhaustion via | +| | | | | | crafted Graphics Execution | +| | | | | | Manager (GEM) objects | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-7445 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19378 | | | | kernel: out-of-bounds write in | +| | | | | | index_rbio_pages in fs/btrfs/raid56.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19378 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19449 | | | | kernel: mounting a crafted | +| | | | | | f2fs filesystem image can lead | +| | | | | | to slab-out-of-bounds read... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19449 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19814 | | | | kernel: out-of-bounds write | +| | | | | | in __remove_dirty_segment | +| | | | | | in fs/f2fs/segment.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19814 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-12362 | | | | kernel: Integer overflow in | +| | | | | | Intel(R) Graphics Drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-12362 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26556 | | | | kernel: malleable commitment | +| | | | | | Bluetooth Mesh Provisioning | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26556 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26557 | | | | kernel: predictable | +| | | | | | Authvalue in Bluetooth Mesh | +| | | | | | Provisioning Leads to MITM | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26557 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26559 | | | | kernel: Authvalue leak in | +| | | | | | Bluetooth Mesh Provisioning | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26559 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26560 | | | | kernel: impersonation attack | +| | | | | | in Bluetooth Mesh Provisioning | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26560 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3752 | | | | kernel: possible use-after-free | +| | | | | | in bluetooth module | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4001 | | | | kernel: race condition | +| | | | | | when the EBPF map is frozen | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4001 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4028 | | | | kernel: use-after-free | +| | | | | | in RDMA listen() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4028 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-41864 | | | | kernel: eBPF multiplication | +| | | | | | integer overflow in | +| | | | | | prealloc_elems_and_freelist() | +| | | | | | in kernel/bpf/stackmap.c | +| | | | | | leads to out-of-bounds... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-41864 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-15213 | MEDIUM | | | kernel: use-after-free caused | +| | | | | | by malicious USB device in | +| | | | | | drivers/media/usb/dvb-usb/dvb-usb-init.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15213 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15794 | | | | kernel: Overlayfs in the | +| | | | | | Linux kernel and shiftfs | +| | | | | | not restoring original... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15794 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16089 | | | | kernel: Improper return check | +| | | | | | in nbd_genl_status function | +| | | | | | in drivers/block/nbd.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16089 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20794 | | | | kernel: task processes not | +| | | | | | being properly ended could | +| | | | | | lead to resource exhaustion... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20794 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-12363 | | | | kernel: Improper input validation | +| | | | | | in some Intel(R) Graphics Drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-12363 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-12364 | | | | kernel: Null pointer dereference | +| | | | | | in some Intel(R) Graphics Drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-12364 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-14304 | | | | kernel: ethtool when reading | +| | | | | | eeprom of device could | +| | | | | | lead to memory leak... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-14304 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15802 | | | | hardware: BLURtooth: "Dual | +| | | | | | mode" hardware using CTKD are | +| | | | | | vulnerable to key overwrite... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15802 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-24504 | | | | kernel: Uncontrolled resource | +| | | | | | consumption in some Intel(R) | +| | | | | | Ethernet E810 Adapter drivers | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-24504 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-26555 | | | | kernel: Bluetooth BR/EDR PIN | +| | | | | | Pairing procedure is vulnerable | +| | | | | | to an impersonation attack... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-26555 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20321 | | | | kernel: In Overlayfs missing | +| | | | | | a check for a negative | +| | | | | | dentry before calling... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20321 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3640 | | | | kernel: use-after-free vulnerability | +| | | | | | in function sco_sock_sendmsg() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3640 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3669 | | | | kernel: reading /proc/sysvipc/shm | +| | | | | | does not scale with large | +| | | | | | shared memory segment counts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3669 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3744 | | | | kernel: crypto: ccp - fix resource | +| | | | | | leaks in ccp_run_aes_gcm_cmd() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3744 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3759 | | | | kernel: unaccounted ipc | +| | | | | | objects in Linux kernel lead | +| | | | | | to breaking memcg limits... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3759 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3764 | | | | kernel: DoS in | +| | | | | | ccp_run_aes_gcm_cmd() function | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3764 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3772 | | | | kernel: sctp: Invalid chunks | +| | | | | | may be used to remotely remove | +| | | | | | existing associations... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3772 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3847 | | | | kernel: low-privileged | +| | | | | | user privileges escalation | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3847 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3892 | | | | kernel: memory leak | +| | | | | | in fib6_rule_suppress | +| | | | | | could result in DoS | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3892 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4002 | | | | kernel: possible leak or coruption | +| | | | | | of data residing on hugetlbfs | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4002 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-4037 | | | | kernel: security regression | +| | | | | | for CVE-2018-13405 | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-4037 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42327 | | | | kernel: heap-based buffer overflow | +| | | | | | in dp_link_settings_write() in | +| | | | | | drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42327 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-42739 | | | | kernel: Heap buffer | +| | | | | | overflow in firedtv driver | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42739 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43056 | | | | kernel: ppc: kvm: allows a malicious | +| | | | | | KVM guest to crash the host... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43056 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43389 | | | | kernel: an array-index-out-bounds | +| | | | | | in detach_capi_ctr in | +| | | | | | drivers/isdn/capi/kcapi.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43389 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43975 | | | | kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in | +| | | | | | drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43975 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-43976 | | | | kernel: mwifiex_usb_recv() in | +| | | | | | drivers/net/wireless/marvell/mwifiex/usb.c | +| | | | | | allows an attacker to | +| | | | | | cause DoS via crafted... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43976 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2004-0230 | LOW | | | TCP, when using a large Window | +| | | | | | Size, makes it easier for remote... | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0230 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2005-3660 | | | | Linux kernel 2.4 and 2.6 allows | +| | | | | | attackers to cause a denial of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-3660 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2007-3719 | | | | kernel: secretly Monopolizing the | +| | | | | | CPU Without Superuser Privileges | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-3719 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-2544 | | | | kernel: mounting proc | +| | | | | | readonly on a different mount | +| | | | | | point silently mounts it... | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-2544 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-4609 | | | | kernel: TCP protocol | +| | | | | | vulnerabilities from Outpost24 | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-4609 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-4563 | | | | kernel: ipv6: sniffer detection | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4563 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-5321 | | | | kernel: v4l: videobuf: hotfix a | +| | | | | | bug on multiple calls to mmap() | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-5321 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2011-4915 | | | | fs/proc/base.c in the Linux | +| | | | | | kernel through 3.1 allows | +| | | | | | local users to obtain... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4915 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2011-4917 | | | | -->avd.aquasec.com/nvd/cve-2011-4917 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2012-4542 | | | | kernel: block: default SCSI | +| | | | | | command filter does not accomodate | +| | | | | | commands overlap across... | +| | | | | | -->avd.aquasec.com/nvd/cve-2012-4542 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2014-9892 | | | | The snd_compr_tstamp function in | +| | | | | | sound/core/compress_offload.c in | +| | | | | | the Linux kernel through 4.7, as... | +| | | | | | -->avd.aquasec.com/nvd/cve-2014-9892 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2014-9900 | | | | kernel: Info leak in uninitialized | +| | | | | | structure ethtool_wolinfo | +| | | | | | in ethtool_get_wol() | +| | | | | | -->avd.aquasec.com/nvd/cve-2014-9900 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2015-2877 | | | | Kernel: Cross-VM ASL | +| | | | | | INtrospection (CAIN) | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-2877 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10723 | | | | ** DISPUTED ** An issue | +| | | | | | was discovered in the | +| | | | | | Linux kernel through... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10723 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-8660 | | | | kernel: xfs: local DoS due to | +| | | | | | a page lock order bug in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-8660 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-0630 | | | | kernel: Information | +| | | | | | disclosure vulnerability | +| | | | | | in kernel trace subsystem | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-0630 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-13693 | | | | kernel: ACPI operand | +| | | | | | cache leak in dsutils.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13693 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-13694 | | | | kernel: ACPI node and | +| | | | | | node_ext cache leak | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-13694 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-1121 | | | | procps-ng, procps: process | +| | | | | | hiding through race | +| | | | | | condition enumerating /proc | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-1121 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-12928 | | | | kernel: NULL pointer dereference | +| | | | | | in hfs_ext_read_extent in hfs.ko | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12928 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-17977 | | | | kernel: Mishandled interactions among | +| | | | | | XFRM Netlink messages, IPPROTO_AH | +| | | | | | packets, and IPPROTO_IP packets... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-17977 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-11191 | | | | kernel: race condition in | +| | | | | | load_aout_binary() allows local | +| | | | | | users to bypass ASLR on... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-11191 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12378 | | | | kernel: unchecked kmalloc | +| | | | | | of new_ra in ip6_ra_control | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12378 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12379 | | | | kernel: memory leak in | +| | | | | | con_insert_unipair in | +| | | | | | drivers/tty/vt/consolemap.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12379 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12380 | | | | kernel: memory allocation | +| | | | | | failure in the efi subsystem | +| | | | | | leads to denial of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12380 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12381 | | | | kernel: unchecked kmalloc | +| | | | | | of new_ra in ip_ra_control | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12381 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12382 | | | | kernel: unchecked kstrdup of | +| | | | | | fwstr in drm_load_edid_firmware | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12382 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12455 | | | | kernel: null pointer dereference | +| | | | | | in sunxi_divs_clk_setup in | +| | | | | | drivers/clk/sunxi/clk-sunxi.c | +| | | | | | causing denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12455 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-12456 | | | | kernel: double fetch in the | +| | | | | | MPT3COMMAND case in _ctl_ioctl_main | +| | | | | | in drivers/scsi/mpt3sas/mpt3sas_ctl.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12456 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16229 | | | | kernel: null pointer dereference in | +| | | | | | drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16229 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16230 | | | | kernel: null pointer dereference in | +| | | | | | drivers/gpu/drm/radeon/radeon_display.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16230 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16231 | | | | kernel: null-pointer dereference | +| | | | | | in drivers/net/fjes/fjes_main.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16231 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16232 | | | | kernel: null-pointer dereference in | +| | | | | | drivers/net/wireless/marvell/libertas/if_sdio.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16232 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16233 | | | | kernel: null pointer dereference | +| | | | | | in drivers/scsi/qla2xxx/qla_os.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16233 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-16234 | | | | kernel: null pointer dereference in | +| | | | | | drivers/net/wireless/intel/iwlwifi/pcie/trans.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-16234 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19070 | | | | kernel: A memory leak in the | +| | | | | | spi_gpio_probe() function in | +| | | | | | drivers/spi/spi-gpio.c allows for... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19070 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-11725 | | | | kernel: improper handling of | +| | | | | | private_size*count multiplication | +| | | | | | due to count=info->owner typo | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-11725 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27820 | | | | kernel: use-after-free | +| | | | | | in nouveau kernel module | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27820 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-35501 | | | | kernel: audit not logging access | +| | | | | | to syscall open_by_handle_at for | +| | | | | | users with CAP_DAC_READ_SEARCH... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-35501 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-26934 | | | | An issue was discovered in the Linux | +| | | | | | kernel 4.18 through 5.10.16, as... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-26934 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-32078 | | | | kernel: out-of-bounds read in | +| | | | | | arch/arm/mach-footbridge/personal-pci.c | +| | | | | | due to improper input validation | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-32078 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3760 | | | | kernel: nfc: Use-After-Free | +| | | | | | vulnerability of | +| | | | | | ndev->rf_conn_info object | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3760 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| login | CVE-2007-5686 | | 1:4.8.1-1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| m4 | CVE-2008-1687 | | 1.4.18-5 | | m4: unquoted output of | +| | | | | | maketemp and mkstemp | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-1687 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2008-1688 | | | | m4: code execution via -F argument | +| | | | | | -->avd.aquasec.com/nvd/cve-2008-1688 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| ncurses-base | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++---------------------------+ + + +---------------+ + +| ncurses-bin | | | | | | +| | | | | | | +| | | | | | | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| openssl | CVE-2007-6755 | | 1.1.1k-1+deb11u1 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| passwd | CVE-2007-5686 | | 1:4.8.1-1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| patch | CVE-2010-4651 | | 2.7.6-7 | | patch: directory traversal flaw | +| | | | | | allows for arbitrary file creation | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4651 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-6951 | | | | patch: NULL pointer dereference | +| | | | | | in pch.c:intuit_diff_type() | +| | | | | | causes a crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6951 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-6952 | | | | patch: Double free of memory in | +| | | | | | pch.c:another_hunk() causes a crash | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6952 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ +| perl | CVE-2020-16156 | MEDIUM | 5.32.1-4+deb11u2 | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| perl-base | CVE-2020-16156 | MEDIUM | | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| perl-modules-5.32 | CVE-2020-16156 | MEDIUM | | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| re2c | CVE-2018-21232 | | 2.0.3-1 | | re2c: uncontrolled recursion | +| | | | | | that causes stack consumption | +| | | | | | in find_fixed_tags | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-21232 | ++---------------------------+------------------+ +----------------------+---------------+--------------------------------------------------------------+ +| tar | CVE-2005-2541 | | 1.34+dfsg-1 | | tar: does not properly warn the user | +| | | | | | when extracting setuid or setgid... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 | ++---------------------------+------------------+----------+----------------------+---------------+--------------------------------------------------------------+ + +usr/src/nextcloud/3rdparty/composer.lock (composer) +=================================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/3rdparty/egulias/email-validator/composer.lock (composer) +=========================================================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/apps/circles/composer.lock (composer) +======================================================= +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/apps/files_external/3rdparty/composer.lock (composer) +======================================================================= +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +usr/src/nextcloud/apps/support/composer.lock (composer) +======================================================= +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + +``` + +**Container: ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c** + +``` +2021-12-03T20:42:45.792Z INFO Detected OS: alpine +2021-12-03T20:42:45.792Z INFO Detecting Alpine vulnerabilities... +2021-12-03T20:42:45.794Z INFO Number of language-specific files: 0 + +ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) +========================================================================================================================= +Total: 22 (UNKNOWN: 0, LOW: 0, MEDIUM: 4, HIGH: 18, CRITICAL: 0) + ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+---------------------------------------+ +| | CVE-2021-42374 | MEDIUM | | 1.33.1-r4 | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+---------------------------------------+ +| | CVE-2021-42375 | | | 1.33.1-r5 | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++------------+------------------+----------+ +---------------+---------------------------------------+ +| ssl_client | CVE-2021-42378 | HIGH | | 1.33.1-r6 | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+---------------------------------------+ +| | CVE-2021-42374 | MEDIUM | | 1.33.1-r4 | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+---------------------------------------+ +| | CVE-2021-42375 | | | 1.33.1-r5 | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +``` + +**Container: bitnami/redis:6.2.6@sha256:61237e1fb2fbc54ad58141057591538d9563d992ba09cf789766a314e9433c07** + +``` +2021-12-03T20:42:47.092Z INFO Detected OS: debian +2021-12-03T20:42:47.092Z INFO Detecting Debian vulnerabilities... +2021-12-03T20:42:47.108Z INFO Number of language-specific files: 2 +2021-12-03T20:42:47.108Z INFO Detecting gobinary vulnerabilities... + +bitnami/redis:6.2.6@sha256:61237e1fb2fbc54ad58141057591538d9563d992ba09cf789766a314e9433c07 (debian 10.11) +========================================================================================================== +Total: 142 (UNKNOWN: 0, LOW: 104, MEDIUM: 11, HIGH: 23, CRITICAL: 4) + ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| bash | CVE-2019-18276 | | 5.0-4 | | bash: when effective UID is not | +| | | | | | equal to its real UID the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| bsdutils | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged | +| | | | | | session can escape to the | +| | | | | | parent session in chroot | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-18018 | | | | coreutils: race condition | +| | | | | | vulnerability in chown and chgrp | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| curl | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| fdisk | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification | +| | | | | | Forgeries with SHA-1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libapt-pkg5.0 | CVE-2011-3374 | | 1.8.2.3 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libblkid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libc-bin | CVE-2021-33574 | CRITICAL | 2.28-10 | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc6 | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libcurl4 | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libfdisk1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libgcrypt20 | CVE-2021-33560 | | 1.8.4-5+deb10u1 | | libgcrypt: mishandles ElGamal | +| | | | | | encryption because it lacks | +| | | | | | exponent blinding to address a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33560 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-13627 | MEDIUM | | | libgcrypt: ECDSA timing attack | +| | | | | | allowing private key leak | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation | +| | | | | | doesn't have semantic security due | +| | | | | | to incorrectly encoded plaintexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgmp10 | CVE-2021-43618 | HIGH | 2:6.1.2+dfsg-4 | | gmp: Integer overflow and resultant | +| | | | | | buffer overflow via crafted input | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43618 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgnutls30 | CVE-2011-3389 | LOW | 3.6.7-4+deb10u7 | | HTTPS: block-wise chosen-plaintext | +| | | | | | attack against SSL/TLS (BEAST) | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libgssapi-krb5-2 | CVE-2004-0971 | | 1.17-3+deb10u3 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libidn2-0 | CVE-2019-12290 | HIGH | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 | +| | | | | | fails to perform the roundtrip | +| | | | | | checks specified in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libk5crypto3 | CVE-2004-0971 | LOW | 1.17-3+deb10u3 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5-3 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5support0 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libldap-2.4-2 | CVE-2015-3276 | | 2.4.47+dfsg-3+deb10u6 | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libldap-common | CVE-2015-3276 | | | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| liblz4-1 | CVE-2019-17543 | | 1.8.3-1+deb10u1 | | lz4: heap-based buffer | +| | | | | | overflow in LZ4_write32 | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libmount1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libncurses6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+ + + +---------------+ + +| libncursesw6 | | | | | | +| | | | | | | +| | | | | | | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libnghttp2-14 | CVE-2020-11080 | HIGH | 1.36.0-2+deb10u1 | | nghttp2: overly large SETTINGS | +| | | | | | frames can lead to DoS | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-11080 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libpcre3 | CVE-2020-14155 | MEDIUM | 2:8.39-12 | | pcre: Integer overflow when | +| | | | | | parsing callout numeric arguments | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2017-11164 | LOW | | | pcre: OP_KETRMAX feature in the | +| | | | | | match function in pcre_exec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-16231 | | | | pcre: self-recursive call | +| | | | | | in match() in pcre_exec.c | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20838 | | | | pcre: Buffer over-read in JIT | +| | | | | | when UTF is disabled and \X or... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libseccomp2 | CVE-2019-9893 | | 2.3.3-4 | | libseccomp: incorrect generation | +| | | | | | of syscall filters in libseccomp | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsepol1 | CVE-2021-36084 | | 2.8-1 | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36085 | | | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36086 | | | | libsepol: use-after-free in | +| | | | | | cil_reset_classpermission() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36087 | | | | libsepol: heap-based buffer | +| | | | | | overflow in ebitmap_match_any() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsmartcols1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libssh2-1 | CVE-2019-13115 | HIGH | 1.8.0-2.1 | | libssh2: integer overflow in | +| | | | | | kex_method_diffie_hellman_group_exchange_sha256_key_exchange | +| | | | | | in kex.c leads to out-of-bounds write | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-13115 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-17498 | LOW | | | libssh2: integer overflow in | +| | | | | | SSH_MSG_DISCONNECT logic in packet.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-17498 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u8 | | systemd: services with DynamicUser | +| | | | | | can create SUID/SGID binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-3844 | | | | systemd: services with DynamicUser | +| | | | | | can get new privileges and | +| | | | | | create SGID binaries... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20386 | | | | systemd: memory leak in button_open() | +| | | | | | in login/logind-button.c when | +| | | | | | udev events are received... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13776 | | | | systemd: Mishandles numerical | +| | | | | | usernames beginning with decimal | +| | | | | | digits or 0x followed by... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libtasn1-6 | CVE-2018-1000654 | | 4.13-3 | | libtasn1: Infinite loop in | +| | | | | | _asn1_expand_object_id(ptree) | +| | | | | | leads to memory exhaustion | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libtinfo6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libudev1 | CVE-2019-3843 | HIGH | 241-7~deb10u8 | | systemd: services with DynamicUser | +| | | | | | can create SUID/SGID binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-3844 | | | | systemd: services with DynamicUser | +| | | | | | can get new privileges and | +| | | | | | create SGID binaries... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20386 | | | | systemd: memory leak in button_open() | +| | | | | | in login/logind-button.c when | +| | | | | | udev events are received... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13776 | | | | systemd: Mishandles numerical | +| | | | | | usernames beginning with decimal | +| | | | | | digits or 0x followed by... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libuuid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| login | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-7169 | | | | shadow-utils: newgidmap | +| | | | | | allows unprivileged user to | +| | | | | | drop supplementary groups | +| | | | | | potentially allowing privilege... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| mount | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| ncurses-base | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| openssl | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| passwd | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-7169 | | | | shadow-utils: newgidmap | +| | | | | | allows unprivileged user to | +| | | | | | drop supplementary groups | +| | | | | | potentially allowing privilege... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| perl-base | CVE-2020-16156 | MEDIUM | 5.28.1-6+deb10u1 | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | tar: does not properly warn the user | +| | | | | | when extracting setuid or setgid... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9923 | | | | tar: null-pointer dereference | +| | | | | | in pax_decode_header in sparse.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20193 | | | | tar: Memory leak in | +| | | | | | read_header() in list.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| util-linux | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ + +opt/bitnami/common/bin/gosu (gobinary) +====================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +opt/bitnami/common/bin/wait-for-port (gobinary) +=============================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + +``` + +**Container: ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c** + +``` +2021-12-03T20:42:47.700Z INFO Detected OS: alpine +2021-12-03T20:42:47.700Z INFO Detecting Alpine vulnerabilities... +2021-12-03T20:42:47.707Z INFO Number of language-specific files: 0 + +ghcr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) +========================================================================================================================= +Total: 22 (UNKNOWN: 0, LOW: 0, MEDIUM: 4, HIGH: 18, CRITICAL: 0) + ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+---------------------------------------+ +| | CVE-2021-42374 | MEDIUM | | 1.33.1-r4 | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+---------------------------------------+ +| | CVE-2021-42375 | | | 1.33.1-r5 | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++------------+------------------+----------+ +---------------+---------------------------------------+ +| ssl_client | CVE-2021-42378 | HIGH | | 1.33.1-r6 | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42379 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42380 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42381 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42382 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42383 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42384 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42385 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | ++ +------------------+ + + +---------------------------------------+ +| | CVE-2021-42386 | | | | busybox: use-after-free in | +| | | | | | awk applet leads to denial | +| | | | | | of service and possibly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | ++ +------------------+----------+ +---------------+---------------------------------------+ +| | CVE-2021-42374 | MEDIUM | | 1.33.1-r4 | busybox: out-of-bounds read | +| | | | | | in unlzma applet leads to | +| | | | | | information leak and denial... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | ++ +------------------+ + +---------------+---------------------------------------+ +| | CVE-2021-42375 | | | 1.33.1-r5 | busybox: incorrect handling | +| | | | | | of a special element in | +| | | | | | ash applet leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-42375 | ++------------+------------------+----------+-------------------+---------------+---------------------------------------+ +``` + +**Container: bitnami/postgresql:14.1.0@sha256:bdfeb12b5f8ae8dedfc2f7cb18a0ba48959c4dacc19176292a2fffd0abacdebe** + +``` +2021-12-03T20:42:48.382Z INFO Detected OS: debian +2021-12-03T20:42:48.382Z INFO Detecting Debian vulnerabilities... +2021-12-03T20:42:48.405Z INFO Number of language-specific files: 2 +2021-12-03T20:42:48.405Z INFO Detecting gobinary vulnerabilities... +2021-12-03T20:42:48.405Z INFO Detecting jar vulnerabilities... + +bitnami/postgresql:14.1.0@sha256:bdfeb12b5f8ae8dedfc2f7cb18a0ba48959c4dacc19176292a2fffd0abacdebe (debian 10.11) +================================================================================================================ +Total: 190 (UNKNOWN: 0, LOW: 130, MEDIUM: 21, HIGH: 31, CRITICAL: 8) + ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| bash | CVE-2019-18276 | | 5.0-4 | | bash: when effective UID is not | +| | | | | | equal to its real UID the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| bsdutils | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged | +| | | | | | session can escape to the | +| | | | | | parent session in chroot | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-18018 | | | | coreutils: race condition | +| | | | | | vulnerability in chown and chgrp | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| curl | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| fdisk | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification | +| | | | | | Forgeries with SHA-1 | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libapt-pkg5.0 | CVE-2011-3374 | | 1.8.2.3 | | It was found that apt-key in apt, | +| | | | | | all versions, do not correctly... | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libblkid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libc-bin | CVE-2021-33574 | CRITICAL | 2.28-10 | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc-l10n | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+ +---------------+--------------------------------------------------------------+ +| libc6 | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libcurl4 | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use | +| | | | | | TLS not properly enforced | +| | | | | | for IMAP, POP3, and... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22947 | MEDIUM | | | curl: Server responses | +| | | | | | received before STARTTLS | +| | | | | | processed after TLS handshake | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2021-22898 | LOW | | | curl: TELNET stack | +| | | | | | contents disclosure | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22922 | | | | curl: Content not matching hash | +| | | | | | in Metalink is not being discarded | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22923 | | | | curl: Metalink download | +| | | | | | sends credentials | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-22924 | | | | curl: Bad connection reuse | +| | | | | | due to flawed path name checks | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libfdisk1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libgcrypt20 | CVE-2021-33560 | | 1.8.4-5+deb10u1 | | libgcrypt: mishandles ElGamal | +| | | | | | encryption because it lacks | +| | | | | | exponent blinding to address a... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33560 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-13627 | MEDIUM | | | libgcrypt: ECDSA timing attack | +| | | | | | allowing private key leak | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation | +| | | | | | doesn't have semantic security due | +| | | | | | to incorrectly encoded plaintexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgmp10 | CVE-2021-43618 | HIGH | 2:6.1.2+dfsg-4 | | gmp: Integer overflow and resultant | +| | | | | | buffer overflow via crafted input | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-43618 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libgnutls30 | CVE-2011-3389 | LOW | 3.6.7-4+deb10u7 | | HTTPS: block-wise chosen-plaintext | +| | | | | | attack against SSL/TLS (BEAST) | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libgssapi-krb5-2 | CVE-2004-0971 | | 1.17-3+deb10u3 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libidn2-0 | CVE-2019-12290 | HIGH | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 | +| | | | | | fails to perform the roundtrip | +| | | | | | checks specified in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libk5crypto3 | CVE-2004-0971 | LOW | 1.17-3+deb10u3 | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5-3 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libkrb5support0 | CVE-2004-0971 | | | | security flaw | +| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-5709 | | | | krb5: integer overflow | +| | | | | | in dbentry->n_key_data | +| | | | | | in kadmin/dbutil/dump.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libldap-2.4-2 | CVE-2015-3276 | | 2.4.47+dfsg-3+deb10u6 | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++------------------+------------------+ + +---------------+--------------------------------------------------------------+ +| libldap-common | CVE-2015-3276 | | | | openldap: incorrect multi-keyword | +| | | | | | mode cipherstring parsing | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-14159 | | | | openldap: Privilege escalation | +| | | | | | via PID file manipulation | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-17740 | | | | openldap: | +| | | | | | contrib/slapd-modules/nops/nops.c | +| | | | | | attempts to free stack buffer | +| | | | | | allowing remote attackers to cause... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-15719 | | | | openldap: Certificate | +| | | | | | validation incorrectly | +| | | | | | matches name against CN-ID | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| liblz4-1 | CVE-2019-17543 | | 1.8.3-1+deb10u1 | | lz4: heap-based buffer | +| | | | | | overflow in LZ4_write32 | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libmount1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libncurses6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+ + + +---------------+ + +| libncursesw6 | | | | | | +| | | | | | | +| | | | | | | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libnghttp2-14 | CVE-2020-11080 | HIGH | 1.36.0-2+deb10u1 | | nghttp2: overly large SETTINGS | +| | | | | | frames can lead to DoS | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-11080 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libpcre3 | CVE-2020-14155 | MEDIUM | 2:8.39-12 | | pcre: Integer overflow when | +| | | | | | parsing callout numeric arguments | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2017-11164 | LOW | | | pcre: OP_KETRMAX feature in the | +| | | | | | match function in pcre_exec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-16231 | | | | pcre: self-recursive call | +| | | | | | in match() in pcre_exec.c | +| | | | | | leads to denial of service... | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow | +| | | | | | write in pcre32_copy_substring | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20838 | | | | pcre: Buffer over-read in JIT | +| | | | | | when UTF is disabled and \X or... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libseccomp2 | CVE-2019-9893 | | 2.3.3-4 | | libseccomp: incorrect generation | +| | | | | | of syscall filters in libseccomp | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsepol1 | CVE-2021-36084 | | 2.8-1 | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36085 | | | | libsepol: use-after-free in | +| | | | | | __cil_verify_classperms() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36086 | | | | libsepol: use-after-free in | +| | | | | | cil_reset_classpermission() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36087 | | | | libsepol: heap-based buffer | +| | | | | | overflow in ebitmap_match_any() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsmartcols1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libsqlite3-0 | CVE-2019-19603 | HIGH | 3.27.2-3+deb10u1 | | sqlite: mishandling of | +| | | | | | certain SELECT statements with | +| | | | | | non-existent VIEW can lead to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19603 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-19645 | MEDIUM | | | sqlite: infinite recursion via | +| | | | | | certain types of self-referential | +| | | | | | views in conjunction with... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19645 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19924 | | | | sqlite: incorrect | +| | | | | | sqlite3WindowRewrite() error | +| | | | | | handling leads to mishandling | +| | | | | | certain parser-tree rewriting | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19924 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13631 | | | | sqlite: Virtual table can be | +| | | | | | renamed into the name of one of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13631 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-19244 | LOW | | | sqlite: allows a crash | +| | | | | | if a sub-select uses both | +| | | | | | DISTINCT and window... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19244 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-11656 | | | | sqlite: use-after-free in the | +| | | | | | ALTER TABLE implementation | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-11656 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-36690 | | | | ** DISPUTED ** A segmentation | +| | | | | | fault can occur in the | +| | | | | | sqlite3.exe command-line... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-36690 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libssh2-1 | CVE-2019-13115 | HIGH | 1.8.0-2.1 | | libssh2: integer overflow in | +| | | | | | kex_method_diffie_hellman_group_exchange_sha256_key_exchange | +| | | | | | in kex.c leads to out-of-bounds write | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-13115 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-17498 | LOW | | | libssh2: integer overflow in | +| | | | | | SSH_MSG_DISCONNECT logic in packet.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-17498 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack | +| | | | | | protection address in cfgexpand.c | +| | | | | | and function.c leads to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic | +| | | | | | produces repeated output | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u8 | | systemd: services with DynamicUser | +| | | | | | can create SUID/SGID binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-3844 | | | | systemd: services with DynamicUser | +| | | | | | can get new privileges and | +| | | | | | create SGID binaries... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20386 | | | | systemd: memory leak in button_open() | +| | | | | | in login/logind-button.c when | +| | | | | | udev events are received... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13776 | | | | systemd: Mishandles numerical | +| | | | | | usernames beginning with decimal | +| | | | | | digits or 0x followed by... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libtasn1-6 | CVE-2018-1000654 | | 4.13-3 | | libtasn1: Infinite loop in | +| | | | | | _asn1_expand_object_id(ptree) | +| | | | | | leads to memory exhaustion | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libtinfo6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libudev1 | CVE-2019-3843 | HIGH | 241-7~deb10u8 | | systemd: services with DynamicUser | +| | | | | | can create SUID/SGID binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-3844 | | | | systemd: services with DynamicUser | +| | | | | | can get new privileges and | +| | | | | | create SGID binaries... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition | +| | | | | | when updating file permissions | +| | | | | | and SELinux security contexts... | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-20386 | | | | systemd: memory leak in button_open() | +| | | | | | in login/logind-button.c when | +| | | | | | udev events are received... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW | +| | | | | | authentication not implemented | +| | | | | | can cause a system running the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-13776 | | | | systemd: Mishandles numerical | +| | | | | | usernames beginning with decimal | +| | | | | | digits or 0x followed by... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| libuuid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libxml2 | CVE-2017-16932 | HIGH | 2.9.4+dfsg1-7+deb10u2 | | libxml2: Infinite recursion | +| | | | | | in parameter entities | +| | | | | | -->avd.aquasec.com/nvd/cve-2017-16932 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2016-9318 | MEDIUM | | | libxml2: XML External | +| | | | | | Entity vulnerability | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-9318 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| libxslt1.1 | CVE-2015-9019 | LOW | 1.1.32-2.2~deb10u1 | | libxslt: math.random() in | +| | | | | | xslt uses unseeded randomness | +| | | | | | -->avd.aquasec.com/nvd/cve-2015-9019 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| locales | CVE-2021-33574 | CRITICAL | 2.28-10 | | glibc: mq_notify does | +| | | | | | not handle separately | +| | | | | | allocated thread attributes | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | +| | | | | | backtrace functions for powerpc | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | +| | | | | | function when expanding ~user | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-3326 | | | | glibc: Assertion failure in | +| | | | | | ISO-2022-JP-3 gconv module | +| | | | | | related to combining characters | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | +| | | | | | iconv when processing invalid | +| | | | | | multi-byte input sequences in... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-10029 | | | | glibc: stack corruption | +| | | | | | from crafted input in cosl, | +| | | | | | sinl, sincosl, and tanl... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-27618 | | | | glibc: iconv when processing | +| | | | | | invalid multi-byte input | +| | | | | | sequences fails to advance the... | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2010-4756 | LOW | | | glibc: glob implementation | +| | | | | | can cause excessive CPU and | +| | | | | | memory consumption due to... | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2016-10228 | | | | glibc: iconv program can hang | +| | | | | | when invoked with the -c option | +| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | +| | | | | | leads to code execution because of... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | +| | | | | | cache of thread stack and heap | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | +| | | | | | addresses of pthread_created thread | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | +| | | | | | not ignored in setuid binaries | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | +| | | | | | function check_dst_limits_calc_pos_1 | +| | | | | | in posix/regexec.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2020-6096 | | | | glibc: signed comparison | +| | | | | | vulnerability in the | +| | | | | | ARMv7 memcpy function | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-27645 | | | | glibc: Use-after-free in | +| | | | | | addgetnetgrentX function | +| | | | | | in netgroupcache.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| login | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-7169 | | | | shadow-utils: newgidmap | +| | | | | | allows unprivileged user to | +| | | | | | drop supplementary groups | +| | | | | | potentially allowing privilege... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| mount | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| ncurses-base | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow | +| | | | | | in _nc_captoinfo() in captoinfo.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| openssl | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo | +| | | | | | random number generator | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | +| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| passwd | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 | +| | | | | | sets insecure permissions for | +| | | | | | the /var/log/btmp file,... | +| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race | +| | | | | | conditions by copying and | +| | | | | | removing directory trees | +| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2018-7169 | | | | shadow-utils: newgidmap | +| | | | | | allows unprivileged user to | +| | | | | | drop supplementary groups | +| | | | | | potentially allowing privilege... | +| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-19882 | | | | shadow-utils: local users can | +| | | | | | obtain root access because setuid | +| | | | | | programs are misconfigured... | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ +| perl-base | CVE-2020-16156 | MEDIUM | 5.28.1-6+deb10u1 | | [Signature Verification Bypass] | +| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 | ++ +------------------+----------+ +---------------+--------------------------------------------------------------+ +| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure | +| | | | | | temporary file handling | +| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | tar: does not properly warn the user | +| | | | | | when extracting setuid or setgid... | +| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2019-9923 | | | | tar: null-pointer dereference | +| | | | | | in pax_decode_header in sparse.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 | ++ +------------------+ + +---------------+--------------------------------------------------------------+ +| | CVE-2021-20193 | | | | tar: Memory leak in | +| | | | | | read_header() in list.c | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 | ++------------------+------------------+ +------------------------+---------------+--------------------------------------------------------------+ +| util-linux | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow | +| | | | | | can lead to buffer overflow | +| | | | | | in get_sem_elements() in | +| | | | | | sys-utils/ipcutils.c... | +| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 | ++------------------+------------------+----------+------------------------+---------------+--------------------------------------------------------------+ + +Java (jar) +========== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + + +opt/bitnami/common/bin/gosu (gobinary) +====================================== +Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) + +``` + diff --git a/stable/nextcloud/10.0.10/templates/_configmap.tpl b/stable/nextcloud/10.0.10/templates/_configmap.tpl new file mode 100644 index 00000000000..3bb5a51325b --- /dev/null +++ b/stable/nextcloud/10.0.10/templates/_configmap.tpl @@ -0,0 +1,35 @@ +{{/* Define the configmap */}} +{{- define "nextcloud.configmap" -}} + +{{- $hosts := "" }} +{{- if .Values.ingress.main.enabled }} +{{- range .Values.ingress }} +{{- range $index, $host := .hosts }} + {{- if $index }} + {{ $hosts = ( printf "%v %v" $hosts $host.host ) }} + {{- else }} + {{ $hosts = ( printf "%s" $host.host ) }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: nextcloudconfig +data: + NEXTCLOUD_TRUSTED_DOMAINS: {{ ( printf "%v %v %v %v %v" "test.fakedomain.dns" ( .Values.env.NODE_IP | default "localhost" ) ( printf "%v-%v" .Release.Name "nextcloud" ) ( printf "%v-%v" .Release.Name "nextcloud-hpb" ) $hosts ) | quote }} + {{- if .Values.ingress.main.enabled }} + APACHE_DISABLE_REWRITE_IP: "1" + {{- end }} + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: hpbconfig +data: + NEXTCLOUD_URL: {{ ( printf "%v-%v" .Release.Name "nextcloud" ) | quote }} + +{{- end -}} diff --git a/stable/nextcloud/10.0.10/templates/_cronjob.tpl b/stable/nextcloud/10.0.10/templates/_cronjob.tpl new file mode 100644 index 00000000000..96a0b6145c6 --- /dev/null +++ b/stable/nextcloud/10.0.10/templates/_cronjob.tpl @@ -0,0 +1,51 @@ +{{/* Define the cronjob */}} +{{- define "nextcloud.cronjob" -}} +{{- $jobName := include "common.names.fullname" . }} + +--- +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: {{ printf "%s-cronjob" $jobName }} + labels: + {{- include "common.labels" . | nindent 4 }} +spec: + schedule: "{{ .Values.cronjob.schedule }}" + concurrencyPolicy: Forbid + {{- with .Values.cronjob.failedJobsHistoryLimit }} + failedJobsHistoryLimit: {{ . }} + {{- end }} + {{- with .Values.cronjob.successfulJobsHistoryLimit }} + successfulJobsHistoryLimit: {{ . }} + {{- end }} + jobTemplate: + metadata: + spec: + template: + metadata: + spec: + restartPolicy: Never + {{- with (include "common.controller.volumes" . | trim) }} + volumes: + {{- nindent 12 . }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ default .Values.image.tag }}" + imagePullPolicy: {{ default .Values.image.pullPolicy }} + command: [ "php" ] + args: + - "-f" + - "/var/www/html/cron.php" + # Will mount configuration files as www-data (id: 33) by default for nextcloud + {{- with (include "common.controller.volumeMounts" . | trim) }} + volumeMounts: + {{ nindent 16 . }} + {{- end }} + securityContext: + runAsUser: 33 + runAsGroup: 33 + resources: +{{ toYaml .Values.resources | indent 16 }} + +{{- end -}} diff --git a/stable/nextcloud/10.0.10/templates/common.yaml b/stable/nextcloud/10.0.10/templates/common.yaml new file mode 100644 index 00000000000..801767a012a --- /dev/null +++ b/stable/nextcloud/10.0.10/templates/common.yaml @@ -0,0 +1,14 @@ +{{/* Make sure all variables are set properly */}} +{{- include "common.setup" . }} + +{{/* Render configmap for nextcloud */}} +{{- include "nextcloud.configmap" . }} + +{{- $newMiddlewares := append .Values.ingress.main.fixedMiddlewares "tc-nextcloud-chain" }} +{{- $_ := set .Values.ingress.main "fixedMiddlewares" $newMiddlewares -}} + +{{/* Render cronjob for nextcloud */}} +{{- include "nextcloud.cronjob" . }} + +{{/* Render the templates */}} +{{ include "common.postSetup" . }} diff --git a/stable/nextcloud/10.0.10/values.yaml b/stable/nextcloud/10.0.10/values.yaml new file mode 100644 index 00000000000..e69de29bb2d