--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: tdarr-node/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |

Expand...

The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-tdarr-node' of Deployment 'RELEASE-NAME-tdarr-node' should add 'ALL' to 'securityContext.capabilities.drop'

Expand...

https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-tdarr-node' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-tdarr-node' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

Container 'autopermissions' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-tdarr-node' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-tdarr-node' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-tdarr-node' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |

Expand...

Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-tdarr-node' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029

| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c tccr.io/truecharts/tdarr_node:v2.00.12@sha256:aaacfe9159377a03013ef112e175586a5c2b64eadd2d51412bd73ac6469a1a81 ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1

| | busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Expand...

| | ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Expand...

| | ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Expand...

| | ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Expand...

| #### Container: tccr.io/truecharts/tdarr_node:v2.00.12@sha256:aaacfe9159377a03013ef112e175586a5c2b64eadd2d51412bd73ac6469a1a81 (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | |

Expand...

http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8

| | binutils | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009

| | binutils | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |

Expand...

http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089

| | binutils | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204
https://linux.oracle.com/cve/CVE-2019-1010204.html
https://linux.oracle.com/errata/ELSA-2020-1797.html
https://security.netapp.com/advisory/ntap-20190822-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=23765
https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS

| | binutils-common | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009

| | binutils-common | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | binutils-common | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | binutils-x86-64-linux-gnu | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009

| | binutils-x86-64-linux-gnu | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | binutils-x86-64-linux-gnu | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |

Expand...

http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/

| | cpp | CVE-2020-13844 | MEDIUM | 1.185.1ubuntu2 | |

Expand...

http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8

| | cpp-9 | CVE-2020-13844 | MEDIUM | 9.3.0-17ubuntu1~20.04 | |

Expand...

| | dbus | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |

Expand...

https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512

| | dbus-user-session | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |

Expand...

| | g++ | CVE-2020-13844 | MEDIUM | 1.185.1ubuntu2 | |

Expand...

| | g++-9 | CVE-2020-13844 | MEDIUM | 9.3.0-17ubuntu1~20.04 | |

Expand...

| | gcc | CVE-2020-13844 | MEDIUM | 1.185.1ubuntu2 | |

Expand...

| | gcc-9 | CVE-2020-13844 | MEDIUM | 9.3.0-17ubuntu1~20.04 | |

Expand...

Expand...

| | git | CVE-2018-1000021 | LOW | 1:2.25.1-1ubuntu3.2 | |

Expand...

http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021

| | git-man | CVE-2018-1000021 | LOW | 1:2.25.1-1ubuntu3.2 | |

Expand...

http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html

| | krb5-locales | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Expand...

https://bugs.launchpad.net/apparmor/+bug/1597017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Expand...

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36976
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml

Expand...

| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1

| | libass-dev | CVE-2020-36430 | MEDIUM | 1:0.14.0-2 | |

Expand...

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26674
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36430
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libass/OSV-2020-2099.yaml
https://github.com/libass/libass/commit/017137471d0043e0321e377ed8da48e45a3ec632

| | libass9 | CVE-2020-36430 | MEDIUM | 1:0.14.0-2 | |

Expand...

| | libbinutils | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009

| | libbinutils | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | libbinutils | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions

Expand...

https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8

| | libc-bin | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Expand...

http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224

| | libc-bin | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-bin | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224

| | libc-bin | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html

| | libc-bin | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019

| | libc-bin | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462

| | libc-bin | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Expand...

http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html

| | libc-bin | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1

Expand...

Expand...

| | libc-dev-bin | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-dev-bin | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-dev-bin | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-dev-bin | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-dev-bin | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-dev-bin | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-dev-bin | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc-dev-bin | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Expand...

Expand...

Expand...

| | libc6 | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6 | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6 | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6 | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6 | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6 | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6 | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6 | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Expand...

Expand...

Expand...

| | libc6-dev | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6-dev | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6-dev | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6-dev | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6-dev | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6-dev | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6-dev | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libc6-dev | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | libcairo2 | CVE-2017-7475 | LOW | 1.16.0-4ubuntu1 | |

Expand...

http://seclists.org/oss-sec/2017/q2/151
https://bugs.freedesktop.org/show_bug.cgi?id=100763
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
https://github.com/advisories/GHSA-5v3f-73gv-x7x5
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2017-7475

| | libcairo2 | CVE-2017-9814 | LOW | 1.16.0-4ubuntu1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00042.html
https://bugs.freedesktop.org/show_bug.cgi?id=101547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9814
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/201904-01

| | libcairo2 | CVE-2018-18064 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064
https://gitlab.freedesktop.org/cairo/cairo/issues/341
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo2 | CVE-2019-6461 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/352
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo2 | CVE-2019-6462 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/353
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libctf-nobfd0 | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009

| | libctf-nobfd0 | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | libctf-nobfd0 | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | libctf0 | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009

| | libctf0 | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | libctf0 | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |

Expand...

| | libdbus-1-3 | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |

Expand...

Expand...

| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |

Expand...

https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html

Expand...

| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html

| | libjpeg-turbo8-dev | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |

Expand...

Expand...

| | libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

Expand...

| | libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

Expand...

| | libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

| | libpcre16-3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Expand...

http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libpcre16-3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

| | libpcre16-3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre3-dev | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre3-dev | CVE-2019-20838 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre3-dev | CVE-2020-14155 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre32-3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre32-3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcre32-3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcrecpp0v5 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcrecpp0v5 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |

Expand...

| | libpcrecpp0v5 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |

Expand...

Expand...

http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://metacpan.org/pod/distribution/CPAN/scripts/cpan

| | libpolkit-agent-1-0 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.1 | |

Expand...

http://seclists.org/oss-sec/2016/q1/443
http://www.openwall.com/lists/oss-security/2016/02/26/3
https://access.redhat.com/security/cve/cve-2016-2568
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062
https://bugzilla.redhat.com/show_bug.cgi?id=1300746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568
https://lore.kernel.org/patchwork/patch/793178/
https://ubuntu.com/security/CVE-2016-2568

| | libpolkit-gobject-1-0 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.1 | |

Expand...

Expand...

| | libpython3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04.1 | |

Expand...

Expand...

| | libpython3.8-stdlib | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04.1 | |

Expand...

| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768

| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/

| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/

Expand...

| | libtasn1-6 | CVE-2018-1000654 | LOW | 4.16.0-2 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libturbojpeg | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |

Expand...

| | libturbojpeg0-dev | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |

Expand...

| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | linux-libc-dev | CVE-2013-7445 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://bugzilla.kernel.org/show_bug.cgi?id=60533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7445
https://lists.freedesktop.org/archives/dri-devel/2015-September/089778.html (potential start towards fixing)

| | linux-libc-dev | CVE-2015-8553 | MEDIUM | 5.4.0-91.102 | |

Expand...

http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1930758 (regression mention)
http://xenbits.xen.org/xsa/advisory-120.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8553
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497

| | linux-libc-dev | CVE-2016-8660 | MEDIUM | 5.4.0-91.102 | |

Expand...

http://www.openwall.com/lists/oss-security/2016/10/13/8
http://www.securityfocus.com/bid/93558
https://bugzilla.redhat.com/show_bug.cgi?id=1384851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8660
https://lore.kernel.org/linux-xfs/895314622.769515.1476375930648.JavaMail.zimbra@redhat.com/
https://marc.info/?l=linux-fsdevel&m=147639177409294&w=2
https://marc.info/?l=linux-xfs&m=149498118228320&w=2

| | linux-libc-dev | CVE-2018-17977 | MEDIUM | 5.4.0-91.102 | |

Expand...

http://www.securityfocus.com/bid/105539
https://bugzilla.suse.com/show_bug.cgi?id=1111609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17977
https://www.openwall.com/lists/oss-security/2018/10/05/5

| | linux-libc-dev | CVE-2020-12363 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12363
https://linux.oracle.com/cve/CVE-2020-12363.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

| | linux-libc-dev | CVE-2020-12364 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12364
https://linux.oracle.com/cve/CVE-2020-12364.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

| | linux-libc-dev | CVE-2020-24504 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24504
https://linux.oracle.com/cve/CVE-2020-24504.html
https://linux.oracle.com/errata/ELSA-2021-4356.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html

| | linux-libc-dev | CVE-2020-27835 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=1901709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27835
https://git.kernel.org/linus/3d2a9d642512c21a12d19b9250e7a835dcb41a79
https://linux.oracle.com/cve/CVE-2020-27835.html
https://linux.oracle.com/errata/ELSA-2021-1578.html
https://ubuntu.com/security/notices/USN-4751-1

| | linux-libc-dev | CVE-2020-36310 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=1769283#c148
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36310
https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e72436bc3a5206f95bb384e741154166ddb3202e
https://linux.oracle.com/cve/CVE-2020-36310.html
https://linux.oracle.com/errata/ELSA-2021-9307.html

| | linux-libc-dev | CVE-2021-26932 | MEDIUM | 5.4.0-91.102 | |

Expand...

http://xenbits.xen.org/xsa/advisory-361.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932
https://linux.oracle.com/cve/CVE-2021-26932.html
https://linux.oracle.com/errata/ELSA-2021-9136.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWQWPWYZRXVFJI5M3VCM72X27IB7CKOB/
https://security.netapp.com/advisory/ntap-20210326-0001/
https://www.openwall.com/lists/oss-security/2021/02/16/3
https://xenbits.xen.org/xsa/advisory-361.html

| | linux-libc-dev | CVE-2021-39685 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39685
https://github.com/szymonh/inspector-gadget
https://www.openwall.com/lists/oss-security/2021/12/15/4

| | linux-libc-dev | CVE-2021-4001 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4001
https://git.kernel.org/linus/353050be4c19e102178ccc05988101887c25ae53
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=353050be4c19e102178ccc05988101887c25ae53

| | linux-libc-dev | CVE-2021-4083 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4083
https://git.kernel.org/linus/054aa8d439b9185d4f5eb9a90282d1ce74772969 (5.16-rc4)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9

| | linux-libc-dev | CVE-2021-43975 | MEDIUM | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43975
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/
https://lore.kernel.org/netdev/163698540868.13805.17800408021782408762.git-patchwork-notify@kernel.org/T/
https://security.netapp.com/advisory/ntap-20211210-0001/

| | linux-libc-dev | CVE-2017-0537 | LOW | 5.4.0-91.102 | |

Expand...

http://www.securityfocus.com/bid/96831
http://www.securitytracker.com/id/1037968
https://android.googlesource.com/kernel/tegra.git/+/389b185cb2f17fff994dbdf8d4bac003d4b2b6b3%5E%21/#F0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0537
https://lore.kernel.org/lkml/1484647168-30135-1-git-send-email-jilin@nvidia.com/#t
https://source.android.com/security/bulletin/2017-01-01.html
https://source.android.com/security/bulletin/2017-03-01
https://source.android.com/security/bulletin/2017-03-01.html

| | linux-libc-dev | CVE-2017-13165 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13165
https://github.com/aosp-mirror/platform_system_core/commit/15ffc53f6d57a46e3041453865311035a18e047a
https://source.android.com/security/bulletin/pixel/2017-12-01

| | linux-libc-dev | CVE-2017-13693 | LOW | 5.4.0-91.102 | |

Expand...

http://www.securityfocus.com/bid/100502
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13693
https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732
https://patchwork.kernel.org/patch/9919053/

| | linux-libc-dev | CVE-2018-1121 | LOW | 5.4.0-91.102 | |

Expand...

http://seclists.org/oss-sec/2018/q2/122
http://www.securityfocus.com/bid/104214
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1121
https://www.exploit-db.com/exploits/44806/
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

| | linux-libc-dev | CVE-2018-12928 | LOW | 5.4.0-91.102 | |

Expand...

http://www.securityfocus.com/bid/104593
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12928
https://groups.google.com/forum/#!msg/syzkaller-bugs/9SgQk_6tSZ4/zLhTm4r1AwAJ
https://lore.kernel.org/linux-fsdevel/20180418173028.GA30953@bombadil.infradead.org/
https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2

| | linux-libc-dev | CVE-2018-12929 | LOW | 5.4.0-91.102 | |

Expand...

http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12929
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2

| | linux-libc-dev | CVE-2018-12930 | LOW | 5.4.0-91.102 | |

Expand...

http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12930
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2

| | linux-libc-dev | CVE-2018-12931 | LOW | 5.4.0-91.102 | |

Expand...

http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12931
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2

| | linux-libc-dev | CVE-2019-14899 | LOW | 5.4.0-91.102 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Jul/23
http://seclists.org/fulldisclosure/2020/Jul/24
http://seclists.org/fulldisclosure/2020/Jul/25
http://seclists.org/fulldisclosure/2020/Nov/20
http://www.openwall.com/lists/oss-security/2020/08/13/2
http://www.openwall.com/lists/oss-security/2020/10/07/3
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14899
https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/
https://support.apple.com/kb/HT211288
https://support.apple.com/kb/HT211289
https://support.apple.com/kb/HT211290
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://www.openwall.com/lists/oss-security/2019/12/05/1

| | linux-libc-dev | CVE-2019-15213 | LOW | 5.4.0-91.102 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html
http://www.openwall.com/lists/oss-security/2019/08/20/2
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15213
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7
https://linux.oracle.com/cve/CVE-2019-15213.html
https://linux.oracle.com/errata/ELSA-2019-4872.html
https://lore.kernel.org/linux-media/fe983331d14442a96db3f71066ca0488a8921840.camel@decadent.org.uk/
https://security.netapp.com/advisory/ntap-20190905-0002/
https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced

| | linux-libc-dev | CVE-2019-16230 | LOW | 5.4.0-91.102 | |

Expand...

https://bugzilla.suse.com/show_bug.cgi?id=1150468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16230
https://lkml.org/lkml/2019/9/9/487
https://security.netapp.com/advisory/ntap-20191004-0001/

| | linux-libc-dev | CVE-2019-19378 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19378
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378
https://security.netapp.com/advisory/ntap-20200103-0001/

| | linux-libc-dev | CVE-2019-19814 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19814
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814
https://security.netapp.com/advisory/ntap-20200103-0001/

| | linux-libc-dev | CVE-2020-11725 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11725
https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/
https://twitter.com/yabbadabbadrew/status/1248632267028582400

| | linux-libc-dev | CVE-2020-14304 | LOW | 5.4.0-91.102 | |

Expand...

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960702
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14304
https://linux.oracle.com/cve/CVE-2020-14304.html
https://linux.oracle.com/errata/ELSA-2021-9410.html
https://lore.kernel.org/netdev/20200517172053.GA734488@decadent.org.uk/T/

| | linux-libc-dev | CVE-2020-35501 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35501
https://listman.redhat.com/archives/linux-audit/2018-July/msg00041.html
https://www.openwall.com/lists/oss-security/2021/02/18/1

| | linux-libc-dev | CVE-2021-26934 | LOW | 5.4.0-91.102 | |

Expand...

http://xenbits.xen.org/xsa/advisory-363.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26934
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GELN5E6MDR5KQBJF5M5COUUED3YFZTD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOAJBVAVR6RSCUCHNXPVSNRPSFM7INMP/
https://security.netapp.com/advisory/ntap-20210326-0001/
https://www.openwall.com/lists/oss-security/2021/02/16/2
https://xenbits.xen.org/xsa/advisory-363.html

| | linux-libc-dev | CVE-2021-32078 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32078
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=298a58e165e447ccfaae35fe9f651f9d7e15166f
https://git.kernel.org/linus/298a58e165e447ccfaae35fe9f651f9d7e15166f (5.13-rc1)
https://github.com/torvalds/linux/commit/298a58e165e447ccfaae35fe9f651f9d7e15166f
https://kirtikumarar.com/CVE-2021-32078.txt
https://security.netapp.com/advisory/ntap-20210813-0002/

| | linux-libc-dev | CVE-2021-34981 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34981
https://git.kernel.org/linus/3cfdf8fcaafa62a4123f92eb0f4a72650da3a479 (5.14-rc1)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3cfdf8fcaafa62a4123f92eb0f4a72650da3a479
https://www.zerodayinitiative.com/advisories/ZDI-21-1223/

| | linux-libc-dev | CVE-2021-3669 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3669
https://lore.kernel.org/all/20210809203554.1562989-1-aquini@redhat.com/

| | linux-libc-dev | CVE-2021-3772 | LOW | 5.4.0-91.102 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://ubuntu.com/security/notices/USN-5165-1

Expand...

Expand...

| | locales | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | locales | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | locales | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | locales | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | locales | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | locales | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | locales | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | locales | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Expand...

| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Expand...

https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235

| | nasm | CVE-2018-1000667 | LOW | 2.14.02-1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392507
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000667
https://github.com/cyrillos/nasm/issues/3

| | nasm | CVE-2018-1000886 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392514
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000886

| | nasm | CVE-2018-10016 | LOW | 2.14.02-1 | |

Expand...

| | nasm | CVE-2018-10254 | LOW | 2.14.02-1 | |

Expand...

| | nasm | CVE-2018-10316 | LOW | 2.14.02-1 | |

Expand...

| | nasm | CVE-2018-16382 | LOW | 2.14.02-1 | |

Expand...

| | nasm | CVE-2018-16517 | LOW | 2.14.02-1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
http://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16517
https://fakhrizulkifli.github.io/CVE-2018-16517.html
https://www.exploit-db.com/exploits/46726/

| | nasm | CVE-2018-16999 | LOW | 2.14.02-1 | |

Expand...

| | nasm | CVE-2018-19209 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.suse.com/show_bug.cgi?id=1115797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19209
https://repo.or.cz/nasm.git/commitdiff/e996d28c70d45008085322b442b44a9224308548

| | nasm | CVE-2018-19213 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392524
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19213

| | nasm | CVE-2018-19214 | LOW | 2.14.02-1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392521
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19214
https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354

| | nasm | CVE-2018-19215 | LOW | 2.14.02-1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19215
https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f

| | nasm | CVE-2018-19216 | LOW | 2.14.02-1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392424
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19216
https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9

| | nasm | CVE-2018-19755 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19755
https://repo.or.cz/nasm.git/commit/3079f7966dbed4497e36d5067cbfd896a90358cb

| | nasm | CVE-2018-20535 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392530
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20535

| | nasm | CVE-2018-20538 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392531
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20538

| | nasm | CVE-2018-8882 | LOW | 2.14.02-1 | |

Expand...

| | nasm | CVE-2018-8883 | LOW | 2.14.02-1 | |

Expand...

| | nasm | CVE-2019-6290 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6290

| | nasm | CVE-2019-6291 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6291

| | nasm | CVE-2019-7147 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392544
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7147

| | nasm | CVE-2019-8343 | LOW | 2.14.02-1 | |

Expand...

https://bugzilla.nasm.us/show_bug.cgi?id=3392556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8343

| | openssh-client | CVE-2020-14145 | LOW | 1:8.2p1-4ubuntu0.3 | |

Expand...

http://www.openwall.com/lists/oss-security/2020/12/02/1
https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145
https://docs.ssh-mitm.at/CVE-2020-14145.html
https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
https://linux.oracle.com/cve/CVE-2020-14145.html
https://linux.oracle.com/errata/ELSA-2021-4368.html
https://security.gentoo.org/glsa/202105-35
https://security.netapp.com/advisory/ntap-20200709-0004/
https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf

| | openssh-client | CVE-2021-41617 | LOW | 1:8.2p1-4ubuntu0.3 | |

Expand...

https://bugzilla.suse.com/show_bug.cgi?id=1190975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
https://linux.oracle.com/cve/CVE-2021-41617.html
https://linux.oracle.com/errata/ELSA-2021-9575.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
https://security.netapp.com/advisory/ntap-20211014-0004/
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.8
https://www.openwall.com/lists/oss-security/2021/09/26/1

| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Expand...

| | patch | CVE-2018-6952 | LOW | 2.7.6-6 | |

Expand...

http://www.securityfocus.com/bid/103047
https://access.redhat.com/errata/RHSA-2019:2033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
https://linux.oracle.com/cve/CVE-2018-6952.html
https://linux.oracle.com/errata/ELSA-2019-2033.html
https://savannah.gnu.org/bugs/index.php?53133
https://security.gentoo.org/glsa/201904-17

Expand...

Expand...

Expand...

| | policykit-1 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.1 | |

Expand...

| | python3-urllib3 | CVE-2021-33503 | LOW | 1.25.8-2ubuntu0.1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://linux.oracle.com/cve/CVE-2021-33503.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html

Expand...

| | python3.8 | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04.1 | |

Expand...

Expand...

| | python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04.1 | |

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
https://security.netapp.com/advisory/ntap-20210618-0002/

| | xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2ubuntu1 | |

Expand...

http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E