146 lines
99 KiB
Markdown
146 lines
99 KiB
Markdown
---
|
||
hide:
|
||
- toc
|
||
---
|
||
|
||
# Security Overview
|
||
|
||
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
|
||
|
||
## Helm-Chart
|
||
|
||
##### Scan Results
|
||
|
||
#### Chart Object: prowlarr/templates/common.yaml
|
||
|
||
|
||
|
||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-prowlarr' of Deployment 'RELEASE-NAME-prowlarr' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'resources.limits.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
|
||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'RELEASE-NAME-prowlarr' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'resources.requests.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
|
||
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'resources.requests.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
|
||
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.privileged' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
|
||
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'resources.limits.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-prowlarr' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-prowlarr' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-prowlarr' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment 'RELEASE-NAME-prowlarr' should not set 'spec.template.volumes.hostPath' </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details> |
|
||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment 'RELEASE-NAME-prowlarr' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||
|
||
## Containers
|
||
|
||
##### Detected Containers
|
||
|
||
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
|
||
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
|
||
tccr.io/truecharts/prowlarr:v0.3.0.1710@sha256:1a71c35606866b03af11584095fcdc2ad2e276bb266266ea7347a15a5afbb03f
|
||
|
||
##### Scan Results
|
||
|
||
|
||
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
|
||
|
||
|
||
**alpine**
|
||
|
||
|
||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
|
||
|
||
|
||
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
|
||
|
||
|
||
**alpine**
|
||
|
||
|
||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
|
||
|
||
|
||
#### Container: tccr.io/truecharts/prowlarr:v0.3.0.1710@sha256:1a71c35606866b03af11584095fcdc2ad2e276bb266266ea7347a15a5afbb03f (ubuntu 20.04)
|
||
|
||
|
||
**ubuntu**
|
||
|
||
|
||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | 5.0-6ubuntu1.2 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html">http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-18276">https://access.redhat.com/security/cve/CVE-2019-18276</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276</a><br><a href="https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff">https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff</a><br><a href="https://linux.oracle.com/cve/CVE-2019-18276.html">https://linux.oracle.com/cve/CVE-2019-18276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-1679.html">https://linux.oracle.com/errata/ELSA-2021-1679.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-18276">https://nvd.nist.gov/vuln/detail/CVE-2019-18276</a><br><a href="https://security.gentoo.org/glsa/202105-34">https://security.gentoo.org/glsa/202105-34</a><br><a href="https://security.netapp.com/advisory/ntap-20200430-0003/">https://security.netapp.com/advisory/ntap-20200430-0003/</a><br><a href="https://ubuntu.com/security/notices/USN-5380-1">https://ubuntu.com/security/notices/USN-5380-1</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.youtube.com/watch?v=-wGtxJ8opa8">https://www.youtube.com/watch?v=-wGtxJ8opa8</a><br></details> |
|
||
| coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/452">http://seclists.org/oss-sec/2016/q1/452</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/2">http://www.openwall.com/lists/oss-security/2016/02/28/2</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/3">http://www.openwall.com/lists/oss-security/2016/02/28/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2781">https://access.redhat.com/security/cve/CVE-2016-2781</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2781">https://nvd.nist.gov/vuln/detail/CVE-2016-2781</a><br></details> |
|
||
| gzip | CVE-2022-1271 | MEDIUM | 1.10-0ubuntu4 | 1.10-0ubuntu4.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1271">https://access.redhat.com/security/cve/CVE-2022-1271</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271</a><br><a href="https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html">https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html</a><br><a href="https://ubuntu.com/security/notices/USN-5378-1">https://ubuntu.com/security/notices/USN-5378-1</a><br><a href="https://ubuntu.com/security/notices/USN-5378-2">https://ubuntu.com/security/notices/USN-5378-2</a><br><a href="https://ubuntu.com/security/notices/USN-5378-3">https://ubuntu.com/security/notices/USN-5378-3</a><br><a href="https://ubuntu.com/security/notices/USN-5378-4">https://ubuntu.com/security/notices/USN-5378-4</a><br><a href="https://www.openwall.com/lists/oss-security/2022/04/07/8">https://www.openwall.com/lists/oss-security/2022/04/07/8</a><br></details> |
|
||
| libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-43618">https://access.redhat.com/security/cve/CVE-2021-43618</a><br><a href="https://bugs.debian.org/994405">https://bugs.debian.org/994405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618</a><br><a href="https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html">https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html</a><br><a href="https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e">https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43618">https://nvd.nist.gov/vuln/detail/CVE-2021-43618</a><br></details> |
|
||
| libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||
| libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||
| libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||
| libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36222">https://access.redhat.com/security/cve/CVE-2021-36222</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222</a><br><a href="https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562">https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562</a><br><a href="https://github.com/krb5/krb5/releases">https://github.com/krb5/krb5/releases</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36222.html">https://linux.oracle.com/cve/CVE-2021-36222.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3576.html">https://linux.oracle.com/errata/ELSA-2021-3576.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36222">https://nvd.nist.gov/vuln/detail/CVE-2021-36222</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0003/">https://security.netapp.com/advisory/ntap-20211022-0003/</a><br><a href="https://security.netapp.com/advisory/ntap-20211104-0007/">https://security.netapp.com/advisory/ntap-20211104-0007/</a><br><a href="https://web.mit.edu/kerberos/advisories/">https://web.mit.edu/kerberos/advisories/</a><br><a href="https://www.debian.org/security/2021/dsa-4944">https://www.debian.org/security/2021/dsa-4944</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||
| liblzma5 | CVE-2022-1271 | MEDIUM | 5.2.4-1ubuntu1 | 5.2.4-1ubuntu1.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1271">https://access.redhat.com/security/cve/CVE-2022-1271</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271</a><br><a href="https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html">https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html</a><br><a href="https://ubuntu.com/security/notices/USN-5378-1">https://ubuntu.com/security/notices/USN-5378-1</a><br><a href="https://ubuntu.com/security/notices/USN-5378-2">https://ubuntu.com/security/notices/USN-5378-2</a><br><a href="https://ubuntu.com/security/notices/USN-5378-3">https://ubuntu.com/security/notices/USN-5378-3</a><br><a href="https://ubuntu.com/security/notices/USN-5378-4">https://ubuntu.com/security/notices/USN-5378-4</a><br><a href="https://www.openwall.com/lists/oss-security/2022/04/07/8">https://www.openwall.com/lists/oss-security/2022/04/07/8</a><br></details> |
|
||
| libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | | <details><summary>Expand...</summary><a href="http://openwall.com/lists/oss-security/2017/07/11/3">http://openwall.com/lists/oss-security/2017/07/11/3</a><br><a href="http://www.securityfocus.com/bid/99575">http://www.securityfocus.com/bid/99575</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-11164">https://access.redhat.com/security/cve/CVE-2017-11164</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||
| libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="http://seclists.org/fulldisclosure/2021/Feb/14">http://seclists.org/fulldisclosure/2021/Feb/14</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-20838">https://access.redhat.com/security/cve/CVE-2019-20838</a><br><a href="https://bugs.gentoo.org/717920">https://bugs.gentoo.org/717920</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838</a><br><a href="https://linux.oracle.com/cve/CVE-2019-20838.html">https://linux.oracle.com/cve/CVE-2019-20838.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4373.html">https://linux.oracle.com/errata/ELSA-2021-4373.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-20838">https://nvd.nist.gov/vuln/detail/CVE-2019-20838</a><br><a href="https://support.apple.com/kb/HT211931">https://support.apple.com/kb/HT211931</a><br><a href="https://support.apple.com/kb/HT212147">https://support.apple.com/kb/HT212147</a><br><a href="https://www.pcre.org/original/changelog.txt">https://www.pcre.org/original/changelog.txt</a><br></details> |
|
||
| libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="http://seclists.org/fulldisclosure/2021/Feb/14">http://seclists.org/fulldisclosure/2021/Feb/14</a><br><a href="https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/">https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-14155">https://access.redhat.com/security/cve/CVE-2020-14155</a><br><a href="https://bugs.gentoo.org/717920">https://bugs.gentoo.org/717920</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155</a><br><a href="https://linux.oracle.com/cve/CVE-2020-14155.html">https://linux.oracle.com/cve/CVE-2020-14155.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4373.html">https://linux.oracle.com/errata/ELSA-2021-4373.html</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-14155">https://nvd.nist.gov/vuln/detail/CVE-2020-14155</a><br><a href="https://support.apple.com/kb/HT211931">https://support.apple.com/kb/HT211931</a><br><a href="https://support.apple.com/kb/HT212147">https://support.apple.com/kb/HT212147</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.pcre.org/original/changelog.txt">https://www.pcre.org/original/changelog.txt</a><br></details> |
|
||
| libpython3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br></details> |
|
||
| libpython3.8-stdlib | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br></details> |
|
||
| libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36084">https://access.redhat.com/security/cve/CVE-2021-36084</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084</a><br><a href="https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3">https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36084.html">https://linux.oracle.com/cve/CVE-2021-36084.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br></details> |
|
||
| libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36085">https://access.redhat.com/security/cve/CVE-2021-36085</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085</a><br><a href="https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba">https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36085.html">https://linux.oracle.com/cve/CVE-2021-36085.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br></details> |
|
||
| libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36086">https://access.redhat.com/security/cve/CVE-2021-36086</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086</a><br><a href="https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8">https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36086.html">https://linux.oracle.com/cve/CVE-2021-36086.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br></details> |
|
||
| libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-36087">https://access.redhat.com/security/cve/CVE-2021-36087</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087</a><br><a href="https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521">https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521</a><br><a href="https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml">https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml</a><br><a href="https://linux.oracle.com/cve/CVE-2021-36087.html">https://linux.oracle.com/cve/CVE-2021-36087.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4513.html">https://linux.oracle.com/errata/ELSA-2021-4513.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/</a><br><a href="https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/">https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/</a><br></details> |
|
||
| libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/HT211168">https://support.apple.com/HT211168</a><br><a href="https://support.apple.com/HT211170">https://support.apple.com/HT211170</a><br><a href="https://support.apple.com/HT211171">https://support.apple.com/HT211171</a><br><a href="https://support.apple.com/HT211175">https://support.apple.com/HT211175</a><br><a href="https://support.apple.com/HT211178">https://support.apple.com/HT211178</a><br><a href="https://support.apple.com/HT211179">https://support.apple.com/HT211179</a><br><a href="https://support.apple.com/HT211181">https://support.apple.com/HT211181</a><br><a href="https://vuldb.com/?id.155768">https://vuldb.com/?id.155768</a><br></details> |
|
||
| libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/en-us/HT211935">https://support.apple.com/en-us/HT211935</a><br><a href="https://support.apple.com/en-us/HT211952">https://support.apple.com/en-us/HT211952</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/</a><br></details> |
|
||
| libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211847">https://support.apple.com/en-us/HT211847</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/kb/HT211846">https://support.apple.com/kb/HT211846</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/</a><br></details> |
|
||
| libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36690">https://nvd.nist.gov/vuln/detail/CVE-2021-36690</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.sqlite.org/forum/forumpost/718c0a8d17">https://www.sqlite.org/forum/forumpost/718c0a8d17</a><br></details> |
|
||
| libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3671">https://access.redhat.com/security/cve/CVE-2021-3671</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2013080,">https://bugzilla.redhat.com/show_bug.cgi?id=2013080,</a><br><a href="https://bugzilla.samba.org/show_bug.cgi?id=14770,">https://bugzilla.samba.org/show_bug.cgi?id=14770,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671</a><br><a href="https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a">https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3671">https://nvd.nist.gov/vuln/detail/CVE-2021-3671</a><br><a href="https://ubuntu.com/security/notices/USN-5142-1">https://ubuntu.com/security/notices/USN-5142-1</a><br><a href="https://ubuntu.com/security/notices/USN-5174-1">https://ubuntu.com/security/notices/USN-5174-1</a><br></details> |
|
||
| login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2013-4235">https://access.redhat.com/security/cve/CVE-2013-4235</a><br><a href="https://access.redhat.com/security/cve/cve-2013-4235">https://access.redhat.com/security/cve/cve-2013-4235</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2013-4235">https://security-tracker.debian.org/tracker/CVE-2013-4235</a><br></details> |
|
||
| passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2013-4235">https://access.redhat.com/security/cve/CVE-2013-4235</a><br><a href="https://access.redhat.com/security/cve/cve-2013-4235">https://access.redhat.com/security/cve/cve-2013-4235</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2013-4235">https://security-tracker.debian.org/tracker/CVE-2013-4235</a><br></details> |
|
||
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html">http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-16156">https://access.redhat.com/security/cve/CVE-2020-16156</a><br><a href="https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/">https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156</a><br><a href="https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c">https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/</a><br><a href="https://metacpan.org/pod/distribution/CPAN/scripts/cpan">https://metacpan.org/pod/distribution/CPAN/scripts/cpan</a><br></details> |
|
||
| python3.8 | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br></details> |
|
||
| python3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br></details> |
|
||
| sqlite3 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/HT211168">https://support.apple.com/HT211168</a><br><a href="https://support.apple.com/HT211170">https://support.apple.com/HT211170</a><br><a href="https://support.apple.com/HT211171">https://support.apple.com/HT211171</a><br><a href="https://support.apple.com/HT211175">https://support.apple.com/HT211175</a><br><a href="https://support.apple.com/HT211178">https://support.apple.com/HT211178</a><br><a href="https://support.apple.com/HT211179">https://support.apple.com/HT211179</a><br><a href="https://support.apple.com/HT211181">https://support.apple.com/HT211181</a><br><a href="https://vuldb.com/?id.155768">https://vuldb.com/?id.155768</a><br></details> |
|
||
| sqlite3 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/en-us/HT211935">https://support.apple.com/en-us/HT211935</a><br><a href="https://support.apple.com/en-us/HT211952">https://support.apple.com/en-us/HT211952</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/</a><br></details> |
|
||
| sqlite3 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211847">https://support.apple.com/en-us/HT211847</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/kb/HT211846">https://support.apple.com/kb/HT211846</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/</a><br></details> |
|
||
| sqlite3 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36690">https://nvd.nist.gov/vuln/detail/CVE-2021-36690</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.sqlite.org/forum/forumpost/718c0a8d17">https://www.sqlite.org/forum/forumpost/718c0a8d17</a><br></details> |
|
||
| vim-common | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/29">http://seclists.org/fulldisclosure/2022/Mar/29</a><br><a href="http://www.openwall.com/lists/oss-security/2022/01/15/1">http://www.openwall.com/lists/oss-security/2022/01/15/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-4166">https://access.redhat.com/security/cve/CVE-2021-4166</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)</a><br><a href="https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035">https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-4166">https://nvd.nist.gov/vuln/detail/CVE-2021-4166</a><br><a href="https://support.apple.com/kb/HT213183">https://support.apple.com/kb/HT213183</a><br></details> |
|
||
| vim-common | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0351">https://access.redhat.com/security/cve/CVE-2022-0351</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)</a><br><a href="https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161">https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161</a><br></details> |
|
||
| vim-common | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0359">https://access.redhat.com/security/cve/CVE-2022-0359</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)</a><br><a href="https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def">https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0359.html">https://linux.oracle.com/cve/CVE-2022-0359.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0359">https://nvd.nist.gov/vuln/detail/CVE-2022-0359</a><br></details> |
|
||
| vim-common | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0361">https://access.redhat.com/security/cve/CVE-2022-0361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)</a><br><a href="https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b">https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0361.html">https://linux.oracle.com/cve/CVE-2022-0361.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0361">https://nvd.nist.gov/vuln/detail/CVE-2022-0361</a><br></details> |
|
||
| vim-common | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0368">https://access.redhat.com/security/cve/CVE-2022-0368</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0368">https://nvd.nist.gov/vuln/detail/CVE-2022-0368</a><br></details> |
|
||
| vim-tiny | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/29">http://seclists.org/fulldisclosure/2022/Mar/29</a><br><a href="http://www.openwall.com/lists/oss-security/2022/01/15/1">http://www.openwall.com/lists/oss-security/2022/01/15/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-4166">https://access.redhat.com/security/cve/CVE-2021-4166</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)</a><br><a href="https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035">https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-4166">https://nvd.nist.gov/vuln/detail/CVE-2021-4166</a><br><a href="https://support.apple.com/kb/HT213183">https://support.apple.com/kb/HT213183</a><br></details> |
|
||
| vim-tiny | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0351">https://access.redhat.com/security/cve/CVE-2022-0351</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)</a><br><a href="https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161">https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161</a><br></details> |
|
||
| vim-tiny | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0359">https://access.redhat.com/security/cve/CVE-2022-0359</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)</a><br><a href="https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def">https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0359.html">https://linux.oracle.com/cve/CVE-2022-0359.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0359">https://nvd.nist.gov/vuln/detail/CVE-2022-0359</a><br></details> |
|
||
| vim-tiny | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0361">https://access.redhat.com/security/cve/CVE-2022-0361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)</a><br><a href="https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b">https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0361.html">https://linux.oracle.com/cve/CVE-2022-0361.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0361">https://nvd.nist.gov/vuln/detail/CVE-2022-0361</a><br></details> |
|
||
| vim-tiny | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0368">https://access.redhat.com/security/cve/CVE-2022-0368</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0368">https://nvd.nist.gov/vuln/detail/CVE-2022-0368</a><br></details> |
|
||
| xxd | CVE-2021-4166 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/29">http://seclists.org/fulldisclosure/2022/Mar/29</a><br><a href="http://www.openwall.com/lists/oss-security/2022/01/15/1">http://www.openwall.com/lists/oss-security/2022/01/15/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-4166">https://access.redhat.com/security/cve/CVE-2021-4166</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4166</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682</a><br><a href="https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)">https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682 (v8.2.3884)</a><br><a href="https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035">https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-4166">https://nvd.nist.gov/vuln/detail/CVE-2021-4166</a><br><a href="https://support.apple.com/kb/HT213183">https://support.apple.com/kb/HT213183</a><br></details> |
|
||
| xxd | CVE-2022-0351 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0351">https://access.redhat.com/security/cve/CVE-2022-0351</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d</a><br><a href="https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)">https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d (v8.2.4206)</a><br><a href="https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161">https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161</a><br></details> |
|
||
| xxd | CVE-2022-0359 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0359">https://access.redhat.com/security/cve/CVE-2022-0359</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1</a><br><a href="https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)">https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 (v8.2.4214)</a><br><a href="https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def">https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0359.html">https://linux.oracle.com/cve/CVE-2022-0359.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0359">https://nvd.nist.gov/vuln/detail/CVE-2022-0359</a><br></details> |
|
||
| xxd | CVE-2022-0361 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0361">https://access.redhat.com/security/cve/CVE-2022-0361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366</a><br><a href="https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)">https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 (v8.2.4215)</a><br><a href="https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b">https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0361.html">https://linux.oracle.com/cve/CVE-2022-0361.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0894.html">https://linux.oracle.com/errata/ELSA-2022-0894.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0361">https://nvd.nist.gov/vuln/detail/CVE-2022-0361</a><br></details> |
|
||
| xxd | CVE-2022-0368 | MEDIUM | 2:8.1.2269-1ubuntu5.7 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0368">https://access.redhat.com/security/cve/CVE-2022-0368</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0368</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa</a><br><a href="https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)">https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa (v8.2.4217)</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9</a><br><a href="https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/">https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0368">https://nvd.nist.gov/vuln/detail/CVE-2022-0368</a><br></details> |
|