--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: nzbhydra/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-nzbhydra' of Deployment 'RELEASE-NAME-nzbhydra' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'resources.limits.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-nzbhydra' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'autopermissions' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'resources.requests.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'resources.requests.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
| | Kubernetes Security Check | KSV017 | Privileged container | HIGH |
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.privileged' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |
Expand... Enforcing memory limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'resources.limits.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-nzbhydra' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-nzbhydra' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-nzbhydra' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM |
Expand... HostPath volumes must be forbidden.

Deployment 'RELEASE-NAME-nzbhydra' should not set 'spec.template.volumes.hostPath'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |
Expand... Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-nzbhydra' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/nzbhydra2:v4.3.1@sha256:4e3a03a40c163902dc029930920a34efb0f01c35e1a85b55c27274cd4c18b4f6 ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-1642.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-1642.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/nzbhydra2:v4.3.1@sha256:4e3a03a40c163902dc029930920a34efb0f01c35e1a85b55c27274cd4c18b4f6 (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://access.redhat.com/security/cve/CVE-2016-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2781
| | curl | CVE-2022-27782 | MEDIUM | 7.68.0-1ubuntu2.10 | 7.68.0-1ubuntu2.11 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27782
https://curl.se/docs/CVE-2022-27782.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
https://ubuntu.com/security/notices/USN-5412-1
| | curl | CVE-2022-27781 | LOW | 7.68.0-1ubuntu2.10 | 7.68.0-1ubuntu2.11 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27781
https://curl.se/docs/CVE-2022-27781.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
https://github.com/curl/curl/commit/f6c335d63f
https://ubuntu.com/security/notices/USN-5412-1
| | e2fsprogs | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libcom-err2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libcups2 | CVE-2019-8842 | LOW | 2.3.1-9ubuntu1.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT210788
| | libcups2 | CVE-2020-10001 | LOW | 2.3.1-9ubuntu1.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-10001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001
https://linux.oracle.com/cve/CVE-2020-10001.html
https://linux.oracle.com/errata/ELSA-2021-4393.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html
https://support.apple.com/en-us/HT212011
| | libcurl4 | CVE-2022-27782 | MEDIUM | 7.68.0-1ubuntu2.10 | 7.68.0-1ubuntu2.11 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27782
https://curl.se/docs/CVE-2022-27782.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
https://ubuntu.com/security/notices/USN-5412-1
| | libcurl4 | CVE-2022-27781 | LOW | 7.68.0-1ubuntu2.10 | 7.68.0-1ubuntu2.11 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27781
https://curl.se/docs/CVE-2022-27781.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
https://github.com/curl/curl/commit/f6c335d63f
https://ubuntu.com/security/notices/USN-5412-1
| | libdbus-1-3 | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | 1.12.16-2ubuntu2.2 |
Expand...https://access.redhat.com/security/cve/CVE-2020-35512
https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
https://ubuntu.com/security/notices/USN-5244-2
| | libext2fs2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libfreetype6 | CVE-2022-27404 | MEDIUM | 2.10.1-2ubuntu0.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404
https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
https://nvd.nist.gov/vuln/detail/CVE-2022-27404
| | libfreetype6 | CVE-2022-27405 | LOW | 2.10.1-2ubuntu0.1 | |
Expand...http://freetype.com
https://access.redhat.com/security/cve/CVE-2022-27405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405
https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
https://nvd.nist.gov/vuln/detail/CVE-2022-27405
| | libfreetype6 | CVE-2022-27406 | LOW | 2.10.1-2ubuntu0.1 | |
Expand...http://freetype.com
https://access.redhat.com/security/cve/CVE-2022-27406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406
https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
https://nvd.nist.gov/vuln/detail/CVE-2022-27406
| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618
| | libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libgssapi-krb5-2 | CVE-2021-37750 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-37750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-37750.html
https://linux.oracle.com/errata/ELSA-2021-4788.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
https://security.netapp.com/advisory/ntap-20210923-0002/
https://web.mit.edu/kerberos/advisories/
| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-17541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17541
| | libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libk5crypto3 | CVE-2021-37750 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-37750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-37750.html
https://linux.oracle.com/errata/ELSA-2021-4788.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
https://security.netapp.com/advisory/ntap-20210923-0002/
https://web.mit.edu/kerberos/advisories/
| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5-3 | CVE-2021-37750 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-37750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-37750.html
https://linux.oracle.com/errata/ELSA-2021-4788.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
https://security.netapp.com/advisory/ntap-20210923-0002/
https://web.mit.edu/kerberos/advisories/
| | libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5support0 | CVE-2021-37750 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-37750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-37750.html
https://linux.oracle.com/errata/ELSA-2021-4788.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
https://security.netapp.com/advisory/ntap-20210923-0002/
https://web.mit.edu/kerberos/advisories/
| | libldap-2.4-2 | CVE-2022-29155 | MEDIUM | 2.4.49+dfsg-2ubuntu1.8 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-29155
https://bugs.openldap.org/show_bug.cgi?id=9815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155
https://nvd.nist.gov/vuln/detail/CVE-2022-29155
| | libldap-common | CVE-2022-29155 | MEDIUM | 2.4.49+dfsg-2ubuntu1.8 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-29155
https://bugs.openldap.org/show_bug.cgi?id=9815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155
https://nvd.nist.gov/vuln/detail/CVE-2022-29155
| | libnss3 | CVE-2020-25648 | LOW | 2:3.49.1-1ubuntu1.6 | 2:3.49.1-1ubuntu1.7 |
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25648.json
https://access.redhat.com/security/cve/CVE-2020-25648
https://bugzilla.redhat.com/show_bug.cgi?id=1887319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
https://linux.oracle.com/cve/CVE-2020-25648.html
https://linux.oracle.com/errata/ELSA-2021-3572.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/
https://ubuntu.com/security/notices/USN-5410-1
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libnss3 | CVE-2022-22747 | LOW | 2:3.49.1-1ubuntu1.6 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-22747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747
https://linux.oracle.com/cve/CVE-2022-22747.html
https://linux.oracle.com/errata/ELSA-2022-0130.html
https://ubuntu.com/security/notices/USN-5229-1
https://ubuntu.com/security/notices/USN-5246-1
https://ubuntu.com/security/notices/USN-5248-1
https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/#CVE-2022-22747
| | libpcre2-8-0 | CVE-2022-1586 | LOW | 10.34-7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1586
https://bugzilla.redhat.com/show_bug.cgi?id=2077976,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,
https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
| | libpcre2-8-0 | CVE-2022-1587 | LOW | 10.34-7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1587
https://bugzilla.redhat.com/show_bug.cgi?id=2077983,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587
https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |
Expand...http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://access.redhat.com/security/cve/CVE-2017-11164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2019-20838
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://errata.almalinux.org/8/ALSA-2021-4373.html
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-20838
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://access.redhat.com/security/cve/CVE-2020-14155
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://errata.almalinux.org/8/ALSA-2021-4373.html
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-14155
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.pcre.org/original/changelog.txt
| | libpython3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |
Expand...https://access.redhat.com/security/cve/CVE-2015-20107
https://bugs.python.org/issue24778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107
https://github.com/python/cpython/issues/68966
https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80
https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/
https://nvd.nist.gov/vuln/detail/CVE-2015-20107
| | libpython3.8-stdlib | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |
Expand...https://access.redhat.com/security/cve/CVE-2015-20107
https://bugs.python.org/issue24778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107
https://github.com/python/cpython/issues/68966
https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80
https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/
https://nvd.nist.gov/vuln/detail/CVE-2015-20107
| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |
Expand...https://access.redhat.com/security/cve/CVE-2021-36084
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1
| | libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |
Expand...https://access.redhat.com/security/cve/CVE-2021-36085
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1
| | libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |
Expand...https://access.redhat.com/security/cve/CVE-2021-36086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1
| | libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |
Expand...https://access.redhat.com/security/cve/CVE-2021-36087
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
https://ubuntu.com/security/notices/USN-5391-1
| | libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| | libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | 3.31.1-4ubuntu0.3 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://nvd.nist.gov/vuln/detail/CVE-2021-36690
https://ubuntu.com/security/notices/USN-5403-1
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | libss2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libssl1.1 | CVE-2022-1292 | MEDIUM | 1.1.1f-1ubuntu2.12 | 1.1.1f-1ubuntu2.13 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1292
https://ubuntu.com/security/notices/USN-5402-1
https://www.openssl.org/news/secadv/20220503.txt
| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libxml2 | CVE-2022-29824 | MEDIUM | 2.9.10+dfsg-5ubuntu0.20.04.2 | 2.9.10+dfsg-5ubuntu0.20.04.3 |
Expand...https://access.redhat.com/security/cve/CVE-2022-29824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
https://gitlab.gnome.org/GNOME/libxslt/-/tags
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
https://nvd.nist.gov/vuln/detail/CVE-2022-29824
https://ubuntu.com/security/notices/USN-5422-1
| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | logsave | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | openssl | CVE-2022-1292 | MEDIUM | 1.1.1f-1ubuntu2.12 | 1.1.1f-1ubuntu2.13 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1292
https://ubuntu.com/security/notices/USN-5402-1
https://www.openssl.org/news/secadv/20220503.txt
| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | python3.8 | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |
Expand...https://access.redhat.com/security/cve/CVE-2015-20107
https://bugs.python.org/issue24778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107
https://github.com/python/cpython/issues/68966
https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80
https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/
https://nvd.nist.gov/vuln/detail/CVE-2015-20107
| | python3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |
Expand...https://access.redhat.com/security/cve/CVE-2015-20107
https://bugs.python.org/issue24778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107
https://github.com/python/cpython/issues/68966
https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80
https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/
https://nvd.nist.gov/vuln/detail/CVE-2015-20107
| | vim-common | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166
https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682
https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)
https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4166
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | vim-common | CVE-2021-4192 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4192
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4192
https://github.com/vim/vim/commit/4c13e5e6763c6eb36a343a2b8235ea227202e952
https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22
https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22/
https://linux.oracle.com/cve/CVE-2021-4192.html
https://linux.oracle.com/errata/ELSA-2022-0366.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4192
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | vim-common | CVE-2022-0213 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2022-0213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213
https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26
https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
| | vim-common | CVE-2022-0261 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0261
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0261
https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc
https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc (v8.2.4120)
https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82
https://linux.oracle.com/cve/CVE-2022-0261.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0261
| | vim-common | CVE-2022-0318 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0318
https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc
https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08
https://linux.oracle.com/cve/CVE-2022-0318.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0318
| | vim-common | CVE-2022-0319 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0319
https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9
https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
| | vim-common | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0351
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351
https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d
https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)
https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
| | vim-common | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359
https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1
https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)
https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def
https://linux.oracle.com/cve/CVE-2022-0359.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0359
| | vim-common | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0361
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361
https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366
https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)
https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b
https://linux.oracle.com/cve/CVE-2022-0361.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0361
| | vim-common | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0368
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368
https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa
https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)
https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9
https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0368
| | vim-common | CVE-2022-0392 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0392
https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a
https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a (v8.2.4218)
https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126
https://linux.oracle.com/cve/CVE-2022-0392.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0392
| | vim-common | CVE-2022-0408 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0408
https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31
https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31 (v8.2.4247)
https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0408
| | vim-common | CVE-2022-0417 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0417
https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a
https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0417
| | vim-common | CVE-2022-0554 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0554
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0554
https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8
https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://nvd.nist.gov/vuln/detail/CVE-2022-0554
| | vim-common | CVE-2022-0572 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0572
https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f
https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f (v8.2.4359)
https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://nvd.nist.gov/vuln/detail/CVE-2022-0572
| | vim-common | CVE-2022-0629 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0629
https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc
https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/
https://nvd.nist.gov/vuln/detail/CVE-2022-0629
| | vim-common | CVE-2021-3973 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-3973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3973
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847 (v8.2.3611)
https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/
https://nvd.nist.gov/vuln/detail/CVE-2021-3973
https://ubuntu.com/security/notices/USN-5247-1
| | vim-common | CVE-2021-4193 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4193
https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b
https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0
https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0/
https://linux.oracle.com/cve/CVE-2021-4193.html
https://linux.oracle.com/errata/ELSA-2022-0366.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4193
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | vim-common | CVE-2022-0443 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0443
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0443
https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461
https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461 (v8.2.4281)
https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0443
| | vim-tiny | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166
https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682
https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)
https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4166
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | vim-tiny | CVE-2021-4192 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4192
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4192
https://github.com/vim/vim/commit/4c13e5e6763c6eb36a343a2b8235ea227202e952
https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22
https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22/
https://linux.oracle.com/cve/CVE-2021-4192.html
https://linux.oracle.com/errata/ELSA-2022-0366.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4192
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | vim-tiny | CVE-2022-0213 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2022-0213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213
https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26
https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
| | vim-tiny | CVE-2022-0261 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0261
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0261
https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc
https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc (v8.2.4120)
https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82
https://linux.oracle.com/cve/CVE-2022-0261.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0261
| | vim-tiny | CVE-2022-0318 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0318
https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc
https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08
https://linux.oracle.com/cve/CVE-2022-0318.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0318
| | vim-tiny | CVE-2022-0319 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0319
https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9
https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
| | vim-tiny | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0351
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351
https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d
https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)
https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
| | vim-tiny | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359
https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1
https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)
https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def
https://linux.oracle.com/cve/CVE-2022-0359.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0359
| | vim-tiny | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0361
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361
https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366
https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)
https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b
https://linux.oracle.com/cve/CVE-2022-0361.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0361
| | vim-tiny | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0368
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368
https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa
https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)
https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9
https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0368
| | vim-tiny | CVE-2022-0392 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0392
https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a
https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a (v8.2.4218)
https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126
https://linux.oracle.com/cve/CVE-2022-0392.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0392
| | vim-tiny | CVE-2022-0408 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0408
https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31
https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31 (v8.2.4247)
https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0408
| | vim-tiny | CVE-2022-0417 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0417
https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a
https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0417
| | vim-tiny | CVE-2022-0554 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0554
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0554
https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8
https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://nvd.nist.gov/vuln/detail/CVE-2022-0554
| | vim-tiny | CVE-2022-0572 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0572
https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f
https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f (v8.2.4359)
https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://nvd.nist.gov/vuln/detail/CVE-2022-0572
| | vim-tiny | CVE-2022-0629 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0629
https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc
https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/
https://nvd.nist.gov/vuln/detail/CVE-2022-0629
| | vim-tiny | CVE-2021-3973 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-3973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3973
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847 (v8.2.3611)
https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/
https://nvd.nist.gov/vuln/detail/CVE-2021-3973
https://ubuntu.com/security/notices/USN-5247-1
| | vim-tiny | CVE-2021-4193 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4193
https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b
https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0
https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0/
https://linux.oracle.com/cve/CVE-2021-4193.html
https://linux.oracle.com/errata/ELSA-2022-0366.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4193
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | vim-tiny | CVE-2022-0443 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0443
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0443
https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461
https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461 (v8.2.4281)
https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0443
| | xxd | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166
https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682
https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)
https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4166
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | xxd | CVE-2021-4192 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4192
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4192
https://github.com/vim/vim/commit/4c13e5e6763c6eb36a343a2b8235ea227202e952
https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22
https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22/
https://linux.oracle.com/cve/CVE-2021-4192.html
https://linux.oracle.com/errata/ELSA-2022-0366.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4192
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | xxd | CVE-2022-0213 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2022-0213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213
https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26
https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
| | xxd | CVE-2022-0261 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0261
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0261
https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc
https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc (v8.2.4120)
https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82
https://linux.oracle.com/cve/CVE-2022-0261.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0261
| | xxd | CVE-2022-0318 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0318
https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc
https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08
https://linux.oracle.com/cve/CVE-2022-0318.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0318
| | xxd | CVE-2022-0319 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0319
https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9
https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
| | xxd | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0351
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351
https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d
https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)
https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
| | xxd | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359
https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1
https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)
https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def
https://linux.oracle.com/cve/CVE-2022-0359.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0359
| | xxd | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0361
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361
https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366
https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)
https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b
https://linux.oracle.com/cve/CVE-2022-0361.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0361
| | xxd | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0368
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368
https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa
https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)
https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9
https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0368
| | xxd | CVE-2022-0392 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0392
https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a
https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a (v8.2.4218)
https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126
https://linux.oracle.com/cve/CVE-2022-0392.html
https://linux.oracle.com/errata/ELSA-2022-0894.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0392
| | xxd | CVE-2022-0408 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0408
https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31
https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31 (v8.2.4247)
https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0408
| | xxd | CVE-2022-0417 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0417
https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a
https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0417
| | xxd | CVE-2022-0554 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0554
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0554
https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8
https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://nvd.nist.gov/vuln/detail/CVE-2022-0554
| | xxd | CVE-2022-0572 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0572
https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f
https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f (v8.2.4359)
https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://nvd.nist.gov/vuln/detail/CVE-2022-0572
| | xxd | CVE-2022-0629 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0629
https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc
https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/
https://nvd.nist.gov/vuln/detail/CVE-2022-0629
| | xxd | CVE-2021-3973 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-3973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3973
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847 (v8.2.3611)
https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/
https://nvd.nist.gov/vuln/detail/CVE-2021-3973
https://ubuntu.com/security/notices/USN-5247-1
| | xxd | CVE-2021-4193 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
http://www.openwall.com/lists/oss-security/2022/01/15/1
https://access.redhat.com/security/cve/CVE-2021-4193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4193
https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b
https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0
https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0/
https://linux.oracle.com/cve/CVE-2021-4193.html
https://linux.oracle.com/errata/ELSA-2022-0366.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-4193
https://support.apple.com/kb/HT213183
https://support.apple.com/kb/HT213256
| | xxd | CVE-2022-0443 | LOW | 2:8.1.2269-1ubuntu5.7 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0443
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0443
https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461
https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461 (v8.2.4281)
https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51
https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
https://nvd.nist.gov/vuln/detail/CVE-2022-0443
| **jar** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | com.fasterxml.jackson.core:jackson-databind | CVE-2020-36518 | HIGH | 2.13.0 | 2.12.6.1, 2.13.2.1 |
Expand...https://access.redhat.com/security/cve/CVE-2020-36518
https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b
https://github.com/FasterXML/jackson-databind/issues/2816
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13
https://github.com/advisories/GHSA-57j2-w4cx-62h2
https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2020-36518
https://security.netapp.com/advisory/ntap-20220506-0004/
https://www.oracle.com/security-alerts/cpuapr2022.html
| | com.google.guava:guava | CVE-2018-10237 | MEDIUM | 20.0 | 24.1.1-jre, 24.1.1-android |
Expand...http://www.securitytracker.com/id/1041707
https://access.redhat.com/errata/RHSA-2018:2423
https://access.redhat.com/errata/RHSA-2018:2424
https://access.redhat.com/errata/RHSA-2018:2425
https://access.redhat.com/errata/RHSA-2018:2428
https://access.redhat.com/errata/RHSA-2018:2598
https://access.redhat.com/errata/RHSA-2018:2643
https://access.redhat.com/errata/RHSA-2018:2740
https://access.redhat.com/errata/RHSA-2018:2741
https://access.redhat.com/errata/RHSA-2018:2742
https://access.redhat.com/errata/RHSA-2018:2743
https://access.redhat.com/errata/RHSA-2018:2927
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:3149
https://access.redhat.com/security/cve/CVE-2018-10237
https://github.com/advisories/GHSA-mvr2-9pj6-7w5j
https://github.com/google/guava/wiki/CVE-2018-10237
https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion
https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion
https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E
https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E
https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E
https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E
https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E
https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2018-10237
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | com.google.guava:guava | CVE-2020-8908 | LOW | 20.0 | 30.0 |
Expand...https://access.redhat.com/security/cve/CVE-2020-8908
https://github.com/advisories/GHSA-5mg8-w23w-74h3
https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40
https://github.com/google/guava/issues/4011
https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E
https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-8908
https://security.netapp.com/advisory/ntap-20220210-0003/
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | com.h2database:h2 | CVE-2021-23463 | CRITICAL | 1.4.200 | 2.0.202 |
Expand...https://access.redhat.com/security/cve/CVE-2021-23463
https://github.com/advisories/GHSA-7rpj-hg47-cx62
https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3
https://github.com/h2database/h2database/issues/3195
https://github.com/h2database/h2database/pull/3199
https://nvd.nist.gov/vuln/detail/CVE-2021-23463
https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238
https://www.oracle.com/security-alerts/cpuapr2022.html
| | com.h2database:h2 | CVE-2021-42392 | CRITICAL | 1.4.200 | 2.0.206 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392
https://github.com/advisories/GHSA-h376-j262-vhq6
https://github.com/h2database/h2database/releases/tag/version-2.0.206
https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/
https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html
https://nvd.nist.gov/vuln/detail/CVE-2021-42392
https://security.netapp.com/advisory/ntap-20220119-0001/
https://ubuntu.com/security/notices/USN-5365-1
https://www.debian.org/security/2022/dsa-5076
https://www.oracle.com/security-alerts/cpuapr2022.html
| | com.h2database:h2 | CVE-2022-23221 | CRITICAL | 1.4.200 | 2.1.210 |
Expand...http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html
http://seclists.org/fulldisclosure/2022/Jan/39
https://access.redhat.com/security/cve/CVE-2022-23221
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221
https://github.com/advisories/GHSA-45hx-wfhj-473x
https://github.com/h2database/h2database/releases/tag/version-2.1.210
https://github.com/h2database/h2database/security/advisories
https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23221
https://twitter.com/d0nkey_man/status/1483824727936450564
https://ubuntu.com/security/notices/USN-5365-1
https://www.debian.org/security/2022/dsa-5076
https://www.oracle.com/security-alerts/cpuapr2022.html
| | com.h2database:h2 | GMS-2022-7 | UNKNOWN | 1.4.200 | 2.0.206 |
Expand...https://github.com/advisories/GHSA-h376-j262-vhq6
https://github.com/h2database/h2database/releases/tag/version-2.0.206
https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
| | com.squareup.retrofit2:retrofit | CVE-2018-1000850 | HIGH | 2.1.0 | 2.5.0 |
Expand...https://access.redhat.com/errata/RHSA-2019:3892
https://access.redhat.com/security/cve/CVE-2018-1000850
https://github.com/advisories/GHSA-8p8g-f9vg-r7xr
https://github.com/square/retrofit/blob/master/CHANGELOG.md
https://github.com/square/retrofit/commit/b9a7f6ad72073ddd40254c0058710e87a073047d#diff-943ec7ed35e68201824904d1dc0ec982
https://ihacktoprotect.com/post/retrofit-path-traversal/
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2018-1000850
| | commons-io:commons-io | CVE-2021-29425 | MEDIUM | 2.6 | 2.7 |
Expand...https://access.redhat.com/security/cve/CVE-2021-29425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425
https://github.com/advisories/GHSA-gwrp-pvrq-jmwv
https://issues.apache.org/jira/browse/IO-556
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2021-29425
https://security.netapp.com/advisory/ntap-20220210-0004/
https://ubuntu.com/security/notices/USN-5095-1
https://www.openwall.com/lists/oss-security/2021/04/12/1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | org.jsoup:jsoup | CVE-2021-37714 | HIGH | 1.11.3 | 1.14.2 |
Expand...https://access.redhat.com/security/cve/CVE-2021-37714
https://github.com/advisories/GHSA-m72m-mhq2-9p6c
https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c
https://jsoup.org/news/release-1.14.1
https://jsoup.org/news/release-1.14.2
https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E
https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-37714
https://security.netapp.com/advisory/ntap-20220210-0022/
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | org.springframework.boot:spring-boot | CVE-2022-22965 | CRITICAL | 2.6.1 | 2.5.12, 2.6.6 |
Expand...http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html
http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html
https://access.redhat.com/security/cve/CVE-2022-22965
https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf
https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds
https://tanzu.vmware.com/security/cve-2022-22965
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.praetorian.com/blog/spring-core-jdk9-rce/
| | org.springframework.boot:spring-boot | GMS-2022-560 | UNKNOWN | 2.6.1 | 2.5.12, 2.6.6 |
Expand...https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://tanzu.vmware.com/security/cve-2022-22965
| | org.springframework.boot:spring-boot | GMS-2022-561 | UNKNOWN | 2.6.1 | 2.5.12, 2.6.6 |
Expand...https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://tanzu.vmware.com/security/cve-2022-22965
| | org.springframework:spring-beans | CVE-2022-22965 | CRITICAL | 5.3.14 | 5.3.18, 5.2.20 |
Expand...http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html
http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html
https://access.redhat.com/security/cve/CVE-2022-22965
https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf
https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds
https://tanzu.vmware.com/security/cve-2022-22965
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.praetorian.com/blog/spring-core-jdk9-rce/
| | org.springframework:spring-core | CVE-2021-22060 | MEDIUM | 5.3.13 | 5.2.19, 5.3.14 |
Expand...https://access.redhat.com/security/cve/CVE-2021-22060
https://github.com/advisories/GHSA-6gf2-pvqw-37ph
https://nvd.nist.gov/vuln/detail/CVE-2021-22060
https://tanzu.vmware.com/security/cve-2021-22060
https://www.oracle.com/security-alerts/cpuapr2022.html
| | org.springframework:spring-core | CVE-2022-22950 | MEDIUM | 5.3.13 | 5.2.20, 5.3.16 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22950
https://github.com/advisories/GHSA-558x-2xjg-6232
https://nvd.nist.gov/vuln/detail/CVE-2022-22950
https://tanzu.vmware.com/security/cve-2022-22950
| | org.springframework:spring-core | CVE-2022-22968 | LOW | 5.3.13 | 5.2.21, 5.3.19 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22968
https://github.com/advisories/GHSA-g5mm-vmx4-3rg7
https://nvd.nist.gov/vuln/detail/CVE-2022-22968
https://tanzu.vmware.com/security/cve-2022-22968
| | org.springframework:spring-webmvc | CVE-2022-22965 | CRITICAL | 5.3.13 | 5.3.18, 5.2.20 |
Expand...http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html
http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html
https://access.redhat.com/security/cve/CVE-2022-22965
https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf
https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds
https://tanzu.vmware.com/security/cve-2022-22965
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.praetorian.com/blog/spring-core-jdk9-rce/
| | org.thymeleaf:thymeleaf-spring5 | CVE-2021-43466 | CRITICAL | 3.0.12.RELEASE | 3.0.13.RELEASE |
Expand...https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html
https://github.com/advisories/GHSA-qcj6-jqrg-4wp2
https://github.com/thymeleaf/thymeleaf-spring/issues/263#issuecomment-977199524
https://nvd.nist.gov/vuln/detail/CVE-2021-43466
https://vuldb.com/?id.186365
|