--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: emby/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-emby' of Deployment 'RELEASE-NAME-emby' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'resources.limits.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-emby' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'resources.requests.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'resources.requests.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
| | Kubernetes Security Check | KSV017 | Privileged container | HIGH |
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.privileged' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |
Expand... Enforcing memory limits prevents DoS via resource exhaustion.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'resources.limits.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-emby' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-emby' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'hostpatch' of Deployment 'RELEASE-NAME-emby' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM |
Expand... HostPath volumes must be forbidden.


Deployment 'RELEASE-NAME-emby' should not set 'spec.template.volumes.hostPath'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |
Expand... Containers should be forbidden from running with a root primary or supplementary GID.


Deployment 'RELEASE-NAME-emby' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/emby:v4.6.7.0@sha256:f2c60cee28b40d6eeeff72cda847eced2d069b410e63a5b0bdbab7783f34ec1b ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | No Vulnerabilities found | |:---------------------------------| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | No Vulnerabilities found | |:---------------------------------| #### Container: tccr.io/truecharts/emby:v4.6.7.0@sha256:f2c60cee28b40d6eeeff72cda847eced2d069b410e63a5b0bdbab7783f34ec1b (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | |
Expand...http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
| | bind9-dnsutils | CVE-2021-25219 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.9 |
Expand...https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
https://kb.isc.org/docs/cve-2021-25219
https://kb.isc.org/v1/docs/cve-2021-25219
https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGV7SA27CTYLGFJSPUM3V36ZWK7WWDI4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTKC4E3HUOLYN5IA4EBL4VAQSWG2ZVTX/
https://security.netapp.com/advisory/ntap-20211118-0002/
https://ubuntu.com/security/notices/USN-5126-1
https://ubuntu.com/security/notices/USN-5126-2
https://www.debian.org/security/2021/dsa-4994
| | bind9-dnsutils | CVE-2021-25220 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.10 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
https://kb.isc.org/v1/docs/cve-2021-25220
https://ubuntu.com/security/notices/USN-5332-1
https://ubuntu.com/security/notices/USN-5332-2
| | bind9-host | CVE-2021-25219 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.9 |
Expand...https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
https://kb.isc.org/docs/cve-2021-25219
https://kb.isc.org/v1/docs/cve-2021-25219
https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGV7SA27CTYLGFJSPUM3V36ZWK7WWDI4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTKC4E3HUOLYN5IA4EBL4VAQSWG2ZVTX/
https://security.netapp.com/advisory/ntap-20211118-0002/
https://ubuntu.com/security/notices/USN-5126-1
https://ubuntu.com/security/notices/USN-5126-2
https://www.debian.org/security/2021/dsa-4994
| | bind9-host | CVE-2021-25220 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.10 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
https://kb.isc.org/v1/docs/cve-2021-25220
https://ubuntu.com/security/notices/USN-5332-1
https://ubuntu.com/security/notices/USN-5332-2
| | bind9-libs | CVE-2021-25219 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.9 |
Expand...https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
https://kb.isc.org/docs/cve-2021-25219
https://kb.isc.org/v1/docs/cve-2021-25219
https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGV7SA27CTYLGFJSPUM3V36ZWK7WWDI4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTKC4E3HUOLYN5IA4EBL4VAQSWG2ZVTX/
https://security.netapp.com/advisory/ntap-20211118-0002/
https://ubuntu.com/security/notices/USN-5126-1
https://ubuntu.com/security/notices/USN-5126-2
https://www.debian.org/security/2021/dsa-4994
| | bind9-libs | CVE-2021-25220 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.10 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
https://kb.isc.org/v1/docs/cve-2021-25220
https://ubuntu.com/security/notices/USN-5332-1
https://ubuntu.com/security/notices/USN-5332-2
| | bsdutils | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | bsdutils | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
| | dnsutils | CVE-2021-25219 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.9 |
Expand...https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
https://kb.isc.org/docs/cve-2021-25219
https://kb.isc.org/v1/docs/cve-2021-25219
https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGV7SA27CTYLGFJSPUM3V36ZWK7WWDI4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTKC4E3HUOLYN5IA4EBL4VAQSWG2ZVTX/
https://security.netapp.com/advisory/ntap-20211118-0002/
https://ubuntu.com/security/notices/USN-5126-1
https://ubuntu.com/security/notices/USN-5126-2
https://www.debian.org/security/2021/dsa-4994
| | dnsutils | CVE-2021-25220 | MEDIUM | 1:9.16.1-0ubuntu2.8 | 1:9.16.1-0ubuntu2.10 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
https://kb.isc.org/v1/docs/cve-2021-25220
https://ubuntu.com/security/notices/USN-5332-1
https://ubuntu.com/security/notices/USN-5332-2
| | fdisk | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | fdisk | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libblkid1 | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libblkid1 | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libc-bin | CVE-2021-3999 | MEDIUM | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://linux.oracle.com/cve/CVE-2021-3999.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc-bin | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
| | libc-bin | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
https://ubuntu.com/security/notices/USN-5310-1
| | libc-bin | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html
| | libc-bin | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
https://ubuntu.com/security/notices/USN-5310-1
| | libc-bin | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://ubuntu.com/security/notices/USN-5310-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | libc-bin | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462
https://ubuntu.com/security/notices/USN-5310-1
| | libc-bin | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html
| | libc-bin | CVE-2021-35942 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
https://ubuntu.com/security/notices/USN-5310-1
| | libc-bin | CVE-2022-23218 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://linux.oracle.com/cve/CVE-2022-23218.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
| | libc-bin | CVE-2022-23219 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://linux.oracle.com/cve/CVE-2022-23219.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
| | libc6 | CVE-2021-3999 | MEDIUM | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://linux.oracle.com/cve/CVE-2021-3999.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc6 | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
| | libc6 | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
https://ubuntu.com/security/notices/USN-5310-1
| | libc6 | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html
| | libc6 | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
https://ubuntu.com/security/notices/USN-5310-1
| | libc6 | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://ubuntu.com/security/notices/USN-5310-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | libc6 | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462
https://ubuntu.com/security/notices/USN-5310-1
| | libc6 | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html
| | libc6 | CVE-2021-35942 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
https://ubuntu.com/security/notices/USN-5310-1
| | libc6 | CVE-2022-23218 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://linux.oracle.com/cve/CVE-2022-23218.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
| | libc6 | CVE-2022-23219 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://linux.oracle.com/cve/CVE-2022-23219.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
| | libexpat1 | CVE-2022-25235 | HIGH | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
https://github.com/libexpat/libexpat/pull/562
https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)
https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)
https://linux.oracle.com/cve/CVE-2022-25235.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2022-25236 | HIGH | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
https://github.com/libexpat/libexpat/pull/561
https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)
https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)
https://github.com/libexpat/libexpat/pull/577
https://linux.oracle.com/cve/CVE-2022-25236.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2021-46143 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://linux.oracle.com/cve/CVE-2021-46143.html
https://linux.oracle.com/errata/ELSA-2022-9227.html
https://security.netapp.com/advisory/ntap-20220121-0006/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22822 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22822.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22823 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22823.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22824 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22824.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22825 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22825.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22826 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22826.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22827 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22827.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-23852 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
https://linux.oracle.com/cve/CVE-2022-23852.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://security.netapp.com/advisory/ntap-20220217-0001/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-23990 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
https://linux.oracle.com/cve/CVE-2022-23990.html
https://linux.oracle.com/errata/ELSA-2022-9232.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-25313 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.4 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
https://github.com/libexpat/libexpat/pull/558
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2022-25314 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.4 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://github.com/libexpat/libexpat/pull/560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2022-25315 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.4 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
https://github.com/libexpat/libexpat/pull/559
https://linux.oracle.com/cve/CVE-2022-25315.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2021-45960 | LOW | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://github.com/libexpat/libexpat/issues/531
https://github.com/libexpat/libexpat/pull/534
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
https://linux.oracle.com/cve/CVE-2021-45960.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://security.netapp.com/advisory/ntap-20220121-0004/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libfdisk1 | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libfdisk1 | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |
Expand...https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
| | libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libicu66 | CVE-2021-30535 | MEDIUM | 66.1-2ubuntu2 | 66.1-2ubuntu2.1 |
Expand...https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
https://crbug.com/1194899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30535
https://github.com/unicode-org/icu/pull/1698
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/
https://ubuntu.com/security/notices/USN-5156-1
| | libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libmount1 | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libmount1 | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |
Expand...http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libpython3.8-minimal | CVE-2021-29921 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.1 |
Expand...https://bugs.python.org/issue36384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
https://docs.python.org/3/library/ipaddress.html
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst
https://github.com/python/cpython/pull/12577
https://github.com/python/cpython/pull/25099
https://github.com/sickcodes
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md
https://linux.oracle.com/cve/CVE-2021-29921.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
https://security.netapp.com/advisory/ntap-20210622-0003/
https://sick.codes/sick-2021-014
https://ubuntu.com/security/notices/USN-4973-1
https://ubuntu.com/security/notices/USN-4973-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.8-minimal | CVE-2021-3737 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.2 |
Expand...https://bugs.python.org/issue44022
https://bugzilla.redhat.com/show_bug.cgi?id=1995162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html
https://ubuntu.com/security/CVE-2021-3737
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| | libpython3.8-minimal | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04 | |
Expand...https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://security.netapp.com/advisory/ntap-20220225-0009/
| | libpython3.8-stdlib | CVE-2021-29921 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.1 |
Expand...https://bugs.python.org/issue36384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
https://docs.python.org/3/library/ipaddress.html
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst
https://github.com/python/cpython/pull/12577
https://github.com/python/cpython/pull/25099
https://github.com/sickcodes
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md
https://linux.oracle.com/cve/CVE-2021-29921.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
https://security.netapp.com/advisory/ntap-20210622-0003/
https://sick.codes/sick-2021-014
https://ubuntu.com/security/notices/USN-4973-1
https://ubuntu.com/security/notices/USN-4973-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.8-stdlib | CVE-2021-3737 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.2 |
Expand...https://bugs.python.org/issue44022
https://bugzilla.redhat.com/show_bug.cgi?id=1995162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html
https://ubuntu.com/security/CVE-2021-3737
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| | libpython3.8-stdlib | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04 | |
Expand...https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://security.netapp.com/advisory/ntap-20220225-0009/
| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libsasl2-2 | CVE-2022-24407 | HIGH | 2.1.27+dfsg-2 | 2.1.27+dfsg-2ubuntu0.1 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-9239.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00002.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H26R4SMGM3WHXX4XYNNJB4YGFIL5UNF4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZC6BMPI3V3MC2IGNLN377ETUWO7QBIH/
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
https://www.debian.org/security/2022/dsa-5087
| | libsasl2-modules-db | CVE-2022-24407 | HIGH | 2.1.27+dfsg-2 | 2.1.27+dfsg-2ubuntu0.1 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-9239.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00002.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H26R4SMGM3WHXX4XYNNJB4YGFIL5UNF4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZC6BMPI3V3MC2IGNLN377ETUWO7QBIH/
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
https://www.debian.org/security/2022/dsa-5087
| | libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
| | libsmartcols1 | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libsmartcols1 | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| | libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1f-1ubuntu2.8 | 1.1.1f-1ubuntu2.12 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9246.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
| | libsystemd0 | CVE-2021-3997 | MEDIUM | 245.4-4ubuntu3.13 | 245.4-4ubuntu3.15 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997
https://ubuntu.com/security/notices/USN-5226-1
https://www.openwall.com/lists/oss-security/2022/01/10/2
| | libtasn1-6 | CVE-2018-1000654 | LOW | 4.16.0-2 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libudev1 | CVE-2021-3997 | MEDIUM | 245.4-4ubuntu3.13 | 245.4-4ubuntu3.15 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997
https://ubuntu.com/security/notices/USN-5226-1
https://www.openwall.com/lists/oss-security/2022/01/10/2
| | libuuid1 | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libuuid1 | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libxml2 | CVE-2022-23308 | MEDIUM | 2.9.10+dfsg-5ubuntu0.20.04.1 | 2.9.10+dfsg-5ubuntu0.20.04.2 |
Expand...https://access.redhat.com/security/cve/CVE-2022-23308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
https://linux.oracle.com/cve/CVE-2022-23308.html
https://linux.oracle.com/errata/ELSA-2022-0899.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
https://ubuntu.com/security/notices/USN-5324-1
| | locales | CVE-2021-3999 | MEDIUM | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://linux.oracle.com/cve/CVE-2021-3999.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | locales | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
| | locales | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
https://ubuntu.com/security/notices/USN-5310-1
| | locales | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html
| | locales | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
https://ubuntu.com/security/notices/USN-5310-1
| | locales | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://ubuntu.com/security/notices/USN-5310-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | locales | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462
https://ubuntu.com/security/notices/USN-5310-1
| | locales | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html
| | locales | CVE-2021-35942 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
https://ubuntu.com/security/notices/USN-5310-1
| | locales | CVE-2022-23218 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://linux.oracle.com/cve/CVE-2022-23218.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
| | locales | CVE-2022-23219 | LOW | 2.31-0ubuntu9.2 | 2.31-0ubuntu9.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://linux.oracle.com/cve/CVE-2022-23219.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | mount | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | mount | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | openssl | CVE-2022-0778 | HIGH | 1.1.1f-1ubuntu2.8 | 1.1.1f-1ubuntu2.12 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9246.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | python3.8 | CVE-2021-29921 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.1 |
Expand...https://bugs.python.org/issue36384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
https://docs.python.org/3/library/ipaddress.html
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst
https://github.com/python/cpython/pull/12577
https://github.com/python/cpython/pull/25099
https://github.com/sickcodes
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md
https://linux.oracle.com/cve/CVE-2021-29921.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
https://security.netapp.com/advisory/ntap-20210622-0003/
https://sick.codes/sick-2021-014
https://ubuntu.com/security/notices/USN-4973-1
https://ubuntu.com/security/notices/USN-4973-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.8 | CVE-2021-3737 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.2 |
Expand...https://bugs.python.org/issue44022
https://bugzilla.redhat.com/show_bug.cgi?id=1995162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html
https://ubuntu.com/security/CVE-2021-3737
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| | python3.8 | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04 | |
Expand...https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://security.netapp.com/advisory/ntap-20220225-0009/
| | python3.8-minimal | CVE-2021-29921 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.1 |
Expand...https://bugs.python.org/issue36384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
https://docs.python.org/3/library/ipaddress.html
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst
https://github.com/python/cpython/pull/12577
https://github.com/python/cpython/pull/25099
https://github.com/sickcodes
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md
https://linux.oracle.com/cve/CVE-2021-29921.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
https://security.netapp.com/advisory/ntap-20210622-0003/
https://sick.codes/sick-2021-014
https://ubuntu.com/security/notices/USN-4973-1
https://ubuntu.com/security/notices/USN-4973-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.8-minimal | CVE-2021-3737 | MEDIUM | 3.8.10-0ubuntu1~20.04 | 3.8.10-0ubuntu1~20.04.2 |
Expand...https://bugs.python.org/issue44022
https://bugzilla.redhat.com/show_bug.cgi?id=1995162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html
https://ubuntu.com/security/CVE-2021-3737
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| | python3.8-minimal | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04 | |
Expand...https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://security.netapp.com/advisory/ntap-20220225-0009/
| | tar | CVE-2021-20193 | LOW | 1.30+dfsg-7ubuntu0.20.04.1 | 1.30+dfsg-7ubuntu0.20.04.2 |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
https://ubuntu.com/security/notices/USN-5329-1
| | util-linux | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | util-linux | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | uuid-runtime | CVE-2021-3995 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | uuid-runtime | CVE-2021-3996 | MEDIUM | 2.34-0.1ubuntu9.1 | 2.34-0.1ubuntu9.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
| | zlib1g | CVE-2018-25032 | MEDIUM | 1:1.2.11.dfsg-2ubuntu1.2 | |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://www.openwall.com/lists/oss-security/2022/03/24/1
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2020-14040 | HIGH | v0.3.2 | 0.3.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040
https://github.com/advisories/GHSA-5rcv-m4m3-hfh7
https://github.com/golang/go/issues/39491
https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
https://linux.oracle.com/cve/CVE-2020-14040.html
https://linux.oracle.com/errata/ELSA-2020-4694.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/
https://nvd.nist.gov/vuln/detail/CVE-2020-14040
| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.2 | 0.3.7 |
Expand...
| | gopkg.in/yaml.v2 | CVE-2019-11254 | MEDIUM | v2.2.7 | 2.2.8 |
Expand...https://github.com/advisories/GHSA-wxc4-f4m6-wwqv
https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48
https://github.com/kubernetes/kubernetes/issues/89535
https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8
https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc
https://linux.oracle.com/cve/CVE-2019-11254.html
https://linux.oracle.com/errata/ELSA-2020-5653.html
https://nvd.nist.gov/vuln/detail/CVE-2019-11254
https://security.netapp.com/advisory/ntap-20200413-0003/
|