TrueChartsCatalogClone/stable/nzbhydra/10.0.19/security.md

196 lines
184 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: nzbhydra/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-nzbhydra&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;resources.limits.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-nzbhydra&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;resources.requests.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;resources.requests.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;resources.limits.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-nzbhydra&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-nzbhydra&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment &#39;RELEASE-NAME-nzbhydra&#39; should not set &#39;spec.template.volumes.hostPath&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details> |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment &#39;RELEASE-NAME-nzbhydra&#39; should set &#39;spec.securityContext.runAsGroup&#39;, &#39;spec.securityContext.supplementalGroups[*]&#39; and &#39;spec.securityContext.fsGroup&#39; to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/nzbhydra2:v4.3.1@sha256:4e3a03a40c163902dc029930920a34efb0f01c35e1a85b55c27274cd4c18b4f6
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1642.html">https://linux.oracle.com/errata/ELSA-2022-1642.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: tccr.io/truecharts/nzbhydra2:v4.3.1@sha256:4e3a03a40c163902dc029930920a34efb0f01c35e1a85b55c27274cd4c18b4f6 (ubuntu 20.04)
**ubuntu**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/452">http://seclists.org/oss-sec/2016/q1/452</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/2">http://www.openwall.com/lists/oss-security/2016/02/28/2</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/3">http://www.openwall.com/lists/oss-security/2016/02/28/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2781">https://access.redhat.com/security/cve/CVE-2016-2781</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2781">https://nvd.nist.gov/vuln/detail/CVE-2016-2781</a><br></details> |
| e2fsprogs | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1304">https://access.redhat.com/security/cve/CVE-2022-1304</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2069726">https://bugzilla.redhat.com/show_bug.cgi?id=2069726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304</a><br><a href="https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2">https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1304">https://nvd.nist.gov/vuln/detail/CVE-2022-1304</a><br></details> |
| libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libcom-err2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1304">https://access.redhat.com/security/cve/CVE-2022-1304</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2069726">https://bugzilla.redhat.com/show_bug.cgi?id=2069726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304</a><br><a href="https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2">https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1304">https://nvd.nist.gov/vuln/detail/CVE-2022-1304</a><br></details> |
| libcups2 | CVE-2019-8842 | LOW | 2.3.1-9ubuntu1.1 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT210788">https://support.apple.com/en-us/HT210788</a><br></details> |
| libcups2 | CVE-2020-10001 | LOW | 2.3.1-9ubuntu1.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-10001">https://access.redhat.com/security/cve/CVE-2020-10001</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001</a><br><a href="https://linux.oracle.com/cve/CVE-2020-10001.html">https://linux.oracle.com/cve/CVE-2020-10001.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4393.html">https://linux.oracle.com/errata/ELSA-2021-4393.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html">https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html</a><br><a href="https://support.apple.com/en-us/HT212011">https://support.apple.com/en-us/HT212011</a><br></details> |
| libdbus-1-3 | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | 1.12.16-2ubuntu2.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-35512">https://access.redhat.com/security/cve/CVE-2020-35512</a><br><a href="https://bugs.gentoo.org/755392">https://bugs.gentoo.org/755392</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1909101">https://bugzilla.redhat.com/show_bug.cgi?id=1909101</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2020-35512">https://security-tracker.debian.org/tracker/CVE-2020-35512</a><br><a href="https://ubuntu.com/security/notices/USN-5244-1">https://ubuntu.com/security/notices/USN-5244-1</a><br><a href="https://ubuntu.com/security/notices/USN-5244-2">https://ubuntu.com/security/notices/USN-5244-2</a><br></details> |
| libext2fs2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1304">https://access.redhat.com/security/cve/CVE-2022-1304</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2069726">https://bugzilla.redhat.com/show_bug.cgi?id=2069726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304</a><br><a href="https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2">https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1304">https://nvd.nist.gov/vuln/detail/CVE-2022-1304</a><br></details> |
| libfreetype6 | CVE-2022-27404 | MEDIUM | 2.10.1-2ubuntu0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27404">https://access.redhat.com/security/cve/CVE-2022-27404</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db">https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27404">https://nvd.nist.gov/vuln/detail/CVE-2022-27404</a><br></details> |
| libfreetype6 | CVE-2022-27405 | LOW | 2.10.1-2ubuntu0.1 | | <details><summary>Expand...</summary><a href="http://freetype.com">http://freetype.com</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-27405">https://access.redhat.com/security/cve/CVE-2022-27405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5">https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27405">https://nvd.nist.gov/vuln/detail/CVE-2022-27405</a><br></details> |
| libfreetype6 | CVE-2022-27406 | LOW | 2.10.1-2ubuntu0.1 | | <details><summary>Expand...</summary><a href="http://freetype.com">http://freetype.com</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-27406">https://access.redhat.com/security/cve/CVE-2022-27406</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2">https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27406">https://nvd.nist.gov/vuln/detail/CVE-2022-27406</a><br></details> |
| libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-43618">https://access.redhat.com/security/cve/CVE-2021-43618</a><br><a href="https://bugs.debian.org/994405">https://bugs.debian.org/994405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618</a><br><a href="https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html">https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html</a><br><a href="https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e">https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43618">https://nvd.nist.gov/vuln/detail/CVE-2021-43618</a><br></details> |
| libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-17541">https://access.redhat.com/security/cve/CVE-2020-17541</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541</a><br><a href="https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392">https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392</a><br><a href="https://linux.oracle.com/cve/CVE-2020-17541.html">https://linux.oracle.com/cve/CVE-2020-17541.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4288.html">https://linux.oracle.com/errata/ELSA-2021-4288.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-17541">https://nvd.nist.gov/vuln/detail/CVE-2020-17541</a><br></details> |
| libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libnss3 | CVE-2020-25648 | LOW | 2:3.49.1-1ubuntu1.6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25648.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25648.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-25648">https://access.redhat.com/security/cve/CVE-2020-25648</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1887319">https://bugzilla.redhat.com/show_bug.cgi?id=1887319</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648</a><br><a href="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes">https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes</a><br><a href="https://linux.oracle.com/cve/CVE-2020-25648.html">https://linux.oracle.com/cve/CVE-2020-25648.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3572.html">https://linux.oracle.com/errata/ELSA-2021-3572.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| libnss3 | CVE-2022-22747 | LOW | 2:3.49.1-1ubuntu1.6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22747">https://access.redhat.com/security/cve/CVE-2022-22747</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22747.html">https://linux.oracle.com/cve/CVE-2022-22747.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0130.html">https://linux.oracle.com/errata/ELSA-2022-0130.html</a><br><a href="https://ubuntu.com/security/notices/USN-5229-1">https://ubuntu.com/security/notices/USN-5229-1</a><br><a href="https://ubuntu.com/security/notices/USN-5246-1">https://ubuntu.com/security/notices/USN-5246-1</a><br><a href="https://ubuntu.com/security/notices/USN-5248-1">https://ubuntu.com/security/notices/USN-5248-1</a><br><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/#CVE-2022-22747">https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/#CVE-2022-22747</a><br></details> |
| libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | | <details><summary>Expand...</summary><a href="http://openwall.com/lists/oss-security/2017/07/11/3">http://openwall.com/lists/oss-security/2017/07/11/3</a><br><a href="http://www.securityfocus.com/bid/99575">http://www.securityfocus.com/bid/99575</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-11164">https://access.redhat.com/security/cve/CVE-2017-11164</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="http://seclists.org/fulldisclosure/2021/Feb/14">http://seclists.org/fulldisclosure/2021/Feb/14</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-20838">https://access.redhat.com/security/cve/CVE-2019-20838</a><br><a href="https://bugs.gentoo.org/717920">https://bugs.gentoo.org/717920</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838</a><br><a href="https://linux.oracle.com/cve/CVE-2019-20838.html">https://linux.oracle.com/cve/CVE-2019-20838.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4373.html">https://linux.oracle.com/errata/ELSA-2021-4373.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-20838">https://nvd.nist.gov/vuln/detail/CVE-2019-20838</a><br><a href="https://support.apple.com/kb/HT211931">https://support.apple.com/kb/HT211931</a><br><a href="https://support.apple.com/kb/HT212147">https://support.apple.com/kb/HT212147</a><br><a href="https://www.pcre.org/original/changelog.txt">https://www.pcre.org/original/changelog.txt</a><br></details> |
| libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="http://seclists.org/fulldisclosure/2021/Feb/14">http://seclists.org/fulldisclosure/2021/Feb/14</a><br><a href="https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/">https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-14155">https://access.redhat.com/security/cve/CVE-2020-14155</a><br><a href="https://bugs.gentoo.org/717920">https://bugs.gentoo.org/717920</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155</a><br><a href="https://linux.oracle.com/cve/CVE-2020-14155.html">https://linux.oracle.com/cve/CVE-2020-14155.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4373.html">https://linux.oracle.com/errata/ELSA-2021-4373.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-14155">https://nvd.nist.gov/vuln/detail/CVE-2020-14155</a><br><a href="https://support.apple.com/kb/HT211931">https://support.apple.com/kb/HT211931</a><br><a href="https://support.apple.com/kb/HT212147">https://support.apple.com/kb/HT212147</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.pcre.org/original/changelog.txt">https://www.pcre.org/original/changelog.txt</a><br></details> |
| libpython3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| libpython3.8-stdlib | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | 3.0-1ubuntu0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36084">https://access.redhat.com/security/cve/CVE-2021-36084</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084</a><br><a href="https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3">https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36084.html">https://linux.oracle.com/cve/CVE-2021-36084.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br><a href="https://ubuntu.com/security/notices/USN-5391-1">https://ubuntu.com/security/notices/USN-5391-1</a><br></details> |
| libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | 3.0-1ubuntu0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36085">https://access.redhat.com/security/cve/CVE-2021-36085</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085</a><br><a href="https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba">https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36085.html">https://linux.oracle.com/cve/CVE-2021-36085.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br><a href="https://ubuntu.com/security/notices/USN-5391-1">https://ubuntu.com/security/notices/USN-5391-1</a><br></details> |
| libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | 3.0-1ubuntu0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36086">https://access.redhat.com/security/cve/CVE-2021-36086</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086</a><br><a href="https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8">https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36086.html">https://linux.oracle.com/cve/CVE-2021-36086.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br><a href="https://ubuntu.com/security/notices/USN-5391-1">https://ubuntu.com/security/notices/USN-5391-1</a><br></details> |
| libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | 3.0-1ubuntu0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36087">https://access.redhat.com/security/cve/CVE-2021-36087</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087</a><br><a href="https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521">https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36087.html">https://linux.oracle.com/cve/CVE-2021-36087.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br><a href="https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/">https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/</a><br><a href="https://ubuntu.com/security/notices/USN-5391-1">https://ubuntu.com/security/notices/USN-5391-1</a><br></details> |
| libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/HT211168">https://support.apple.com/HT211168</a><br><a href="https://support.apple.com/HT211170">https://support.apple.com/HT211170</a><br><a href="https://support.apple.com/HT211171">https://support.apple.com/HT211171</a><br><a href="https://support.apple.com/HT211175">https://support.apple.com/HT211175</a><br><a href="https://support.apple.com/HT211178">https://support.apple.com/HT211178</a><br><a href="https://support.apple.com/HT211179">https://support.apple.com/HT211179</a><br><a href="https://support.apple.com/HT211181">https://support.apple.com/HT211181</a><br><a href="https://vuldb.com/?id.155768">https://vuldb.com/?id.155768</a><br></details> |
| libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/en-us/HT211935">https://support.apple.com/en-us/HT211935</a><br><a href="https://support.apple.com/en-us/HT211952">https://support.apple.com/en-us/HT211952</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/</a><br></details> |
| libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211847">https://support.apple.com/en-us/HT211847</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/kb/HT211846">https://support.apple.com/kb/HT211846</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/</a><br></details> |
| libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | 3.31.1-4ubuntu0.3 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36690">https://nvd.nist.gov/vuln/detail/CVE-2021-36690</a><br><a href="https://ubuntu.com/security/notices/USN-5403-1">https://ubuntu.com/security/notices/USN-5403-1</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.sqlite.org/forum/forumpost/718c0a8d17">https://www.sqlite.org/forum/forumpost/718c0a8d17</a><br></details> |
| libss2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1304">https://access.redhat.com/security/cve/CVE-2022-1304</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2069726">https://bugzilla.redhat.com/show_bug.cgi?id=2069726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304</a><br><a href="https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2">https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1304">https://nvd.nist.gov/vuln/detail/CVE-2022-1304</a><br></details> |
| libssl1.1 | CVE-2022-1292 | MEDIUM | 1.1.1f-1ubuntu2.12 | 1.1.1f-1ubuntu2.13 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://ubuntu.com/security/notices/USN-5402-1">https://ubuntu.com/security/notices/USN-5402-1</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details> |
| libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
| login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2013-4235">https://access.redhat.com/security/cve/CVE-2013-4235</a><br><a href="https://access.redhat.com/security/cve/cve-2013-4235">https://access.redhat.com/security/cve/cve-2013-4235</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2013-4235">https://security-tracker.debian.org/tracker/CVE-2013-4235</a><br></details> |
| logsave | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1304">https://access.redhat.com/security/cve/CVE-2022-1304</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2069726">https://bugzilla.redhat.com/show_bug.cgi?id=2069726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304</a><br><a href="https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2">https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1304">https://nvd.nist.gov/vuln/detail/CVE-2022-1304</a><br></details> |
| openssl | CVE-2022-1292 | MEDIUM | 1.1.1f-1ubuntu2.12 | 1.1.1f-1ubuntu2.13 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://ubuntu.com/security/notices/USN-5402-1">https://ubuntu.com/security/notices/USN-5402-1</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details> |
| passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2013-4235">https://access.redhat.com/security/cve/CVE-2013-4235</a><br><a href="https://access.redhat.com/security/cve/cve-2013-4235">https://access.redhat.com/security/cve/cve-2013-4235</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2013-4235">https://security-tracker.debian.org/tracker/CVE-2013-4235</a><br></details> |
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html">http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-16156">https://access.redhat.com/security/cve/CVE-2020-16156</a><br><a href="https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/">https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156</a><br><a href="https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c">https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/</a><br><a href="https://metacpan.org/pod/distribution/CPAN/scripts/cpan">https://metacpan.org/pod/distribution/CPAN/scripts/cpan</a><br></details> |
| python3.8 | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| python3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| vim-common | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/29">http://seclists.org/fulldisclosure/2022/Mar/29</a><br><a href="http://www.openwall.com/lists/oss-security/2022/01/15/1">http://www.openwall.com/lists/oss-security/2022/01/15/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-4166">https://access.redhat.com/security/cve/CVE-2021-4166</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)</a><br><a href="https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035">https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-4166">https://nvd.nist.gov/vuln/detail/CVE-2021-4166</a><br><a href="https://support.apple.com/kb/HT213183">https://support.apple.com/kb/HT213183</a><br></details> |
| vim-common | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0351">https://access.redhat.com/security/cve/CVE-2022-0351</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)</a><br><a href="https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161">https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161</a><br></details> |
| vim-common | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0359">https://access.redhat.com/security/cve/CVE-2022-0359</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)</a><br><a href="https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def">https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0359.html">https://linux.oracle.com/cve/CVE-2022-0359.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0359">https://nvd.nist.gov/vuln/detail/CVE-2022-0359</a><br></details> |
| vim-common | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0361">https://access.redhat.com/security/cve/CVE-2022-0361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)</a><br><a href="https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b">https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0361.html">https://linux.oracle.com/cve/CVE-2022-0361.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0361">https://nvd.nist.gov/vuln/detail/CVE-2022-0361</a><br></details> |
| vim-common | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0368">https://access.redhat.com/security/cve/CVE-2022-0368</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0368">https://nvd.nist.gov/vuln/detail/CVE-2022-0368</a><br></details> |
| vim-tiny | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/29">http://seclists.org/fulldisclosure/2022/Mar/29</a><br><a href="http://www.openwall.com/lists/oss-security/2022/01/15/1">http://www.openwall.com/lists/oss-security/2022/01/15/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-4166">https://access.redhat.com/security/cve/CVE-2021-4166</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)</a><br><a href="https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035">https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-4166">https://nvd.nist.gov/vuln/detail/CVE-2021-4166</a><br><a href="https://support.apple.com/kb/HT213183">https://support.apple.com/kb/HT213183</a><br></details> |
| vim-tiny | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0351">https://access.redhat.com/security/cve/CVE-2022-0351</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)</a><br><a href="https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161">https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161</a><br></details> |
| vim-tiny | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0359">https://access.redhat.com/security/cve/CVE-2022-0359</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)</a><br><a href="https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def">https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0359.html">https://linux.oracle.com/cve/CVE-2022-0359.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0359">https://nvd.nist.gov/vuln/detail/CVE-2022-0359</a><br></details> |
| vim-tiny | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0361">https://access.redhat.com/security/cve/CVE-2022-0361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)</a><br><a href="https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b">https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0361.html">https://linux.oracle.com/cve/CVE-2022-0361.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0361">https://nvd.nist.gov/vuln/detail/CVE-2022-0361</a><br></details> |
| vim-tiny | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0368">https://access.redhat.com/security/cve/CVE-2022-0368</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0368">https://nvd.nist.gov/vuln/detail/CVE-2022-0368</a><br></details> |
| xxd | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/29">http://seclists.org/fulldisclosure/2022/Mar/29</a><br><a href="http://www.openwall.com/lists/oss-security/2022/01/15/1">http://www.openwall.com/lists/oss-security/2022/01/15/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-4166">https://access.redhat.com/security/cve/CVE-2021-4166</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)</a><br><a href="https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035">https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-4166">https://nvd.nist.gov/vuln/detail/CVE-2021-4166</a><br><a href="https://support.apple.com/kb/HT213183">https://support.apple.com/kb/HT213183</a><br></details> |
| xxd | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0351">https://access.redhat.com/security/cve/CVE-2022-0351</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)</a><br><a href="https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161">https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161</a><br></details> |
| xxd | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0359">https://access.redhat.com/security/cve/CVE-2022-0359</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)</a><br><a href="https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def">https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0359.html">https://linux.oracle.com/cve/CVE-2022-0359.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0359">https://nvd.nist.gov/vuln/detail/CVE-2022-0359</a><br></details> |
| xxd | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0361">https://access.redhat.com/security/cve/CVE-2022-0361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)</a><br><a href="https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b">https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0361.html">https://linux.oracle.com/cve/CVE-2022-0361.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0361">https://nvd.nist.gov/vuln/detail/CVE-2022-0361</a><br></details> |
| xxd | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0368">https://access.redhat.com/security/cve/CVE-2022-0368</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0368">https://nvd.nist.gov/vuln/detail/CVE-2022-0368</a><br></details> |
**jar**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-36518 | HIGH | 2.13.0 | 2.12.6.1, 2.13.2.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-36518">https://access.redhat.com/security/cve/CVE-2020-36518</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b">https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2816">https://github.com/FasterXML/jackson-databind/issues/2816</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13</a><br><a href="https://github.com/advisories/GHSA-57j2-w4cx-62h2">https://github.com/advisories/GHSA-57j2-w4cx-62h2</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-36518">https://nvd.nist.gov/vuln/detail/CVE-2020-36518</a><br><a href="https://security.netapp.com/advisory/ntap-20220506-0004/">https://security.netapp.com/advisory/ntap-20220506-0004/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| com.google.guava:guava | CVE-2018-10237 | MEDIUM | 20.0 | 24.1.1-jre, 24.1.1-android | <details><summary>Expand...</summary><a href="http://www.securitytracker.com/id/1041707">http://www.securitytracker.com/id/1041707</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2423">https://access.redhat.com/errata/RHSA-2018:2423</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2424">https://access.redhat.com/errata/RHSA-2018:2424</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2425">https://access.redhat.com/errata/RHSA-2018:2425</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2428">https://access.redhat.com/errata/RHSA-2018:2428</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2598">https://access.redhat.com/errata/RHSA-2018:2598</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2643">https://access.redhat.com/errata/RHSA-2018:2643</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2740">https://access.redhat.com/errata/RHSA-2018:2740</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2741">https://access.redhat.com/errata/RHSA-2018:2741</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2742">https://access.redhat.com/errata/RHSA-2018:2742</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2743">https://access.redhat.com/errata/RHSA-2018:2743</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2927">https://access.redhat.com/errata/RHSA-2018:2927</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-10237">https://access.redhat.com/security/cve/CVE-2018-10237</a><br><a href="https://github.com/advisories/GHSA-mvr2-9pj6-7w5j">https://github.com/advisories/GHSA-mvr2-9pj6-7w5j</a><br><a href="https://github.com/google/guava/wiki/CVE-2018-10237">https://github.com/google/guava/wiki/CVE-2018-10237</a><br><a href="https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion">https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion</a><br><a href="https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion">https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E">https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E">https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E">https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E">https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E">https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E">https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E">https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E">https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E">https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E">https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E">https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E">https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E">https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E">https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E">https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E">https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E">https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E">https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-10237">https://nvd.nist.gov/vuln/detail/CVE-2018-10237</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.google.guava:guava | CVE-2020-8908 | LOW | 20.0 | 30.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-8908">https://access.redhat.com/security/cve/CVE-2020-8908</a><br><a href="https://github.com/advisories/GHSA-5mg8-w23w-74h3">https://github.com/advisories/GHSA-5mg8-w23w-74h3</a><br><a href="https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40">https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40</a><br><a href="https://github.com/google/guava/issues/4011">https://github.com/google/guava/issues/4011</a><br><a href="https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E">https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E">https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E">https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E">https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E">https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E">https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E">https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E">https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E">https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E">https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E">https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E">https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-8908">https://nvd.nist.gov/vuln/detail/CVE-2020-8908</a><br><a href="https://security.netapp.com/advisory/ntap-20220210-0003/">https://security.netapp.com/advisory/ntap-20220210-0003/</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415">https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.h2database:h2 | CVE-2021-23463 | CRITICAL | 1.4.200 | 2.0.202 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23463">https://access.redhat.com/security/cve/CVE-2021-23463</a><br><a href="https://github.com/advisories/GHSA-7rpj-hg47-cx62">https://github.com/advisories/GHSA-7rpj-hg47-cx62</a><br><a href="https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3">https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3</a><br><a href="https://github.com/h2database/h2database/issues/3195">https://github.com/h2database/h2database/issues/3195</a><br><a href="https://github.com/h2database/h2database/pull/3199">https://github.com/h2database/h2database/pull/3199</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23463">https://nvd.nist.gov/vuln/detail/CVE-2021-23463</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238">https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| com.h2database:h2 | CVE-2021-42392 | CRITICAL | 1.4.200 | 2.0.206 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42392">https://access.redhat.com/security/cve/CVE-2021-42392</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392</a><br><a href="https://github.com/advisories/GHSA-h376-j262-vhq6">https://github.com/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.0.206">https://github.com/h2database/h2database/releases/tag/version-2.0.206</a><br><a href="https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6">https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/">https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html">https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42392">https://nvd.nist.gov/vuln/detail/CVE-2021-42392</a><br><a href="https://security.netapp.com/advisory/ntap-20220119-0001/">https://security.netapp.com/advisory/ntap-20220119-0001/</a><br><a href="https://ubuntu.com/security/notices/USN-5365-1">https://ubuntu.com/security/notices/USN-5365-1</a><br><a href="https://www.debian.org/security/2022/dsa-5076">https://www.debian.org/security/2022/dsa-5076</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| com.h2database:h2 | CVE-2022-23221 | CRITICAL | 1.4.200 | 2.1.210 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html</a><br><a href="http://seclists.org/fulldisclosure/2022/Jan/39">http://seclists.org/fulldisclosure/2022/Jan/39</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-23221">https://access.redhat.com/security/cve/CVE-2022-23221</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221</a><br><a href="https://github.com/advisories/GHSA-45hx-wfhj-473x">https://github.com/advisories/GHSA-45hx-wfhj-473x</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.1.210">https://github.com/h2database/h2database/releases/tag/version-2.1.210</a><br><a href="https://github.com/h2database/h2database/security/advisories">https://github.com/h2database/h2database/security/advisories</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html">https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23221">https://nvd.nist.gov/vuln/detail/CVE-2022-23221</a><br><a href="https://twitter.com/d0nkey_man/status/1483824727936450564">https://twitter.com/d0nkey_man/status/1483824727936450564</a><br><a href="https://ubuntu.com/security/notices/USN-5365-1">https://ubuntu.com/security/notices/USN-5365-1</a><br><a href="https://www.debian.org/security/2022/dsa-5076">https://www.debian.org/security/2022/dsa-5076</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| com.h2database:h2 | GMS-2022-7 | UNKNOWN | 1.4.200 | 2.0.206 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-h376-j262-vhq6">https://github.com/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.0.206">https://github.com/h2database/h2database/releases/tag/version-2.0.206</a><br><a href="https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6">https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6</a><br></details> |
| com.squareup.retrofit2:retrofit | CVE-2018-1000850 | HIGH | 2.1.0 | 2.5.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1000850">https://access.redhat.com/security/cve/CVE-2018-1000850</a><br><a href="https://github.com/advisories/GHSA-8p8g-f9vg-r7xr">https://github.com/advisories/GHSA-8p8g-f9vg-r7xr</a><br><a href="https://github.com/square/retrofit/blob/master/CHANGELOG.md">https://github.com/square/retrofit/blob/master/CHANGELOG.md</a><br><a href="https://github.com/square/retrofit/commit/b9a7f6ad72073ddd40254c0058710e87a073047d#diff-943ec7ed35e68201824904d1dc0ec982">https://github.com/square/retrofit/commit/b9a7f6ad72073ddd40254c0058710e87a073047d#diff-943ec7ed35e68201824904d1dc0ec982</a><br><a href="https://ihacktoprotect.com/post/retrofit-path-traversal/">https://ihacktoprotect.com/post/retrofit-path-traversal/</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1000850">https://nvd.nist.gov/vuln/detail/CVE-2018-1000850</a><br></details> |
| commons-io:commons-io | CVE-2021-29425 | MEDIUM | 2.6 | 2.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-29425">https://access.redhat.com/security/cve/CVE-2021-29425</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425</a><br><a href="https://github.com/advisories/GHSA-gwrp-pvrq-jmwv">https://github.com/advisories/GHSA-gwrp-pvrq-jmwv</a><br><a href="https://issues.apache.org/jira/browse/IO-556">https://issues.apache.org/jira/browse/IO-556</a><br><a href="https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E">https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E">https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E">https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E">https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E">https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E">https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E">https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E">https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E">https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E">https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-29425">https://nvd.nist.gov/vuln/detail/CVE-2021-29425</a><br><a href="https://security.netapp.com/advisory/ntap-20220210-0004/">https://security.netapp.com/advisory/ntap-20220210-0004/</a><br><a href="https://ubuntu.com/security/notices/USN-5095-1">https://ubuntu.com/security/notices/USN-5095-1</a><br><a href="https://www.openwall.com/lists/oss-security/2021/04/12/1">https://www.openwall.com/lists/oss-security/2021/04/12/1</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| org.jsoup:jsoup | CVE-2021-37714 | HIGH | 1.11.3 | 1.14.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-37714">https://access.redhat.com/security/cve/CVE-2021-37714</a><br><a href="https://github.com/advisories/GHSA-m72m-mhq2-9p6c">https://github.com/advisories/GHSA-m72m-mhq2-9p6c</a><br><a href="https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c">https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c</a><br><a href="https://jsoup.org/news/release-1.14.1">https://jsoup.org/news/release-1.14.1</a><br><a href="https://jsoup.org/news/release-1.14.2">https://jsoup.org/news/release-1.14.2</a><br><a href="https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-37714">https://nvd.nist.gov/vuln/detail/CVE-2021-37714</a><br><a href="https://security.netapp.com/advisory/ntap-20220210-0022/">https://security.netapp.com/advisory/ntap-20220210-0022/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br></details> |
| org.springframework.boot:spring-boot | CVE-2022-22965 | CRITICAL | 2.6.1 | 2.5.12, 2.6.6 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html">http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22965">https://access.redhat.com/security/cve/CVE-2022-22965</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf</a><br><a href="https://github.com/advisories/GHSA-36p3-wjmg-h94x">https://github.com/advisories/GHSA-36p3-wjmg-h94x</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12">https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6">https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6</a><br><a href="https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15">https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE">https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18">https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22965">https://nvd.nist.gov/vuln/detail/CVE-2022-22965</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds</a><br><a href="https://tanzu.vmware.com/security/cve-2022-22965">https://tanzu.vmware.com/security/cve-2022-22965</a><br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67</a><br><a href="https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html">https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.praetorian.com/blog/spring-core-jdk9-rce/">https://www.praetorian.com/blog/spring-core-jdk9-rce/</a><br></details> |
| org.springframework.boot:spring-boot | GMS-2022-560 | UNKNOWN | 2.6.1 | 2.5.12, 2.6.6 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-36p3-wjmg-h94x">https://github.com/advisories/GHSA-36p3-wjmg-h94x</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12">https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6">https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6</a><br><a href="https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15">https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE">https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18">https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22965">https://nvd.nist.gov/vuln/detail/CVE-2022-22965</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement</a><br><a href="https://tanzu.vmware.com/security/cve-2022-22965">https://tanzu.vmware.com/security/cve-2022-22965</a><br></details> |
| org.springframework.boot:spring-boot | GMS-2022-561 | UNKNOWN | 2.6.1 | 2.5.12, 2.6.6 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-36p3-wjmg-h94x">https://github.com/advisories/GHSA-36p3-wjmg-h94x</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12">https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6">https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6</a><br><a href="https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15">https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE">https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18">https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22965">https://nvd.nist.gov/vuln/detail/CVE-2022-22965</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement</a><br><a href="https://tanzu.vmware.com/security/cve-2022-22965">https://tanzu.vmware.com/security/cve-2022-22965</a><br></details> |
| org.springframework:spring-beans | CVE-2022-22965 | CRITICAL | 5.3.14 | 5.3.18, 5.2.20 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html">http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22965">https://access.redhat.com/security/cve/CVE-2022-22965</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf</a><br><a href="https://github.com/advisories/GHSA-36p3-wjmg-h94x">https://github.com/advisories/GHSA-36p3-wjmg-h94x</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12">https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6">https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6</a><br><a href="https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15">https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE">https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18">https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22965">https://nvd.nist.gov/vuln/detail/CVE-2022-22965</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds</a><br><a href="https://tanzu.vmware.com/security/cve-2022-22965">https://tanzu.vmware.com/security/cve-2022-22965</a><br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67</a><br><a href="https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html">https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.praetorian.com/blog/spring-core-jdk9-rce/">https://www.praetorian.com/blog/spring-core-jdk9-rce/</a><br></details> |
| org.springframework:spring-core | CVE-2021-22060 | MEDIUM | 5.3.13 | 5.2.19, 5.3.14 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-22060">https://access.redhat.com/security/cve/CVE-2021-22060</a><br><a href="https://github.com/advisories/GHSA-6gf2-pvqw-37ph">https://github.com/advisories/GHSA-6gf2-pvqw-37ph</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-22060">https://nvd.nist.gov/vuln/detail/CVE-2021-22060</a><br><a href="https://tanzu.vmware.com/security/cve-2021-22060">https://tanzu.vmware.com/security/cve-2021-22060</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| org.springframework:spring-core | CVE-2022-22950 | MEDIUM | 5.3.13 | 5.2.20, 5.3.16 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22950">https://access.redhat.com/security/cve/CVE-2022-22950</a><br><a href="https://github.com/advisories/GHSA-558x-2xjg-6232">https://github.com/advisories/GHSA-558x-2xjg-6232</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22950">https://nvd.nist.gov/vuln/detail/CVE-2022-22950</a><br><a href="https://tanzu.vmware.com/security/cve-2022-22950">https://tanzu.vmware.com/security/cve-2022-22950</a><br></details> |
| org.springframework:spring-core | CVE-2022-22968 | LOW | 5.3.13 | 5.2.21, 5.3.19 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22968">https://access.redhat.com/security/cve/CVE-2022-22968</a><br><a href="https://github.com/advisories/GHSA-g5mm-vmx4-3rg7">https://github.com/advisories/GHSA-g5mm-vmx4-3rg7</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22968">https://nvd.nist.gov/vuln/detail/CVE-2022-22968</a><br><a href="https://tanzu.vmware.com/security/cve-2022-22968">https://tanzu.vmware.com/security/cve-2022-22968</a><br></details> |
| org.springframework:spring-webmvc | CVE-2022-22965 | CRITICAL | 5.3.13 | 5.3.18, 5.2.20 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html">http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22965">https://access.redhat.com/security/cve/CVE-2022-22965</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf</a><br><a href="https://github.com/advisories/GHSA-36p3-wjmg-h94x">https://github.com/advisories/GHSA-36p3-wjmg-h94x</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12">https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12</a><br><a href="https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6">https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6</a><br><a href="https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15">https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE">https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE</a><br><a href="https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18">https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22965">https://nvd.nist.gov/vuln/detail/CVE-2022-22965</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement</a><br><a href="https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds">https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds</a><br><a href="https://tanzu.vmware.com/security/cve-2022-22965">https://tanzu.vmware.com/security/cve-2022-22965</a><br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67</a><br><a href="https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html">https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.praetorian.com/blog/spring-core-jdk9-rce/">https://www.praetorian.com/blog/spring-core-jdk9-rce/</a><br></details> |
| org.thymeleaf:thymeleaf-spring5 | CVE-2021-43466 | CRITICAL | 3.0.12.RELEASE | 3.0.13.RELEASE | <details><summary>Expand...</summary><a href="https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html">https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html</a><br><a href="https://github.com/advisories/GHSA-qcj6-jqrg-4wp2">https://github.com/advisories/GHSA-qcj6-jqrg-4wp2</a><br><a href="https://github.com/thymeleaf/thymeleaf-spring/issues/263#issuecomment-977199524">https://github.com/thymeleaf/thymeleaf-spring/issues/263#issuecomment-977199524</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43466">https://nvd.nist.gov/vuln/detail/CVE-2021-43466</a><br><a href="https://vuldb.com/?id.186365">https://vuldb.com/?id.186365</a><br></details> |