TrueChartsCatalogClone/stable/gaps/9.0.27/security.md

hide
toc

Security Overview

Helm-Chart

Scan Results

Chart Object: gaps/templates/common.yaml

Type	Misconfiguration ID	Check	Severity	Explaination	Links
Kubernetes Security Check	KSV003	Default capabilities not dropped	LOW	Expand... The container should drop all default capabilities and add only those that are needed for its execution. Container 'RELEASE-NAME-gaps' of Deployment 'RELEASE-NAME-gaps' should add 'ALL' to 'securityContext.capabilities.drop'	Expand... https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/ https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check	KSV012	Runs as root user	MEDIUM	Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. Container 'autopermissions' of Deployment 'RELEASE-NAME-gaps' should set 'securityContext.runAsNonRoot' to true	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'RELEASE-NAME-gaps' of Deployment 'RELEASE-NAME-gaps' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'autopermissions' of Deployment 'RELEASE-NAME-gaps' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-gaps' of Deployment 'RELEASE-NAME-gaps' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-gaps' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-gaps' of Deployment 'RELEASE-NAME-gaps' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-gaps' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV029	A root primary or supplementary GID set	LOW	Expand... Containers should be forbidden from running with a root primary or supplementary GID. Deployment 'RELEASE-NAME-gaps' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv029

Containers

Detected Containers

      tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
      tccr.io/truecharts/gaps:v0.8.8@sha256:76d297b1431aa14c7643d0e8b0c91167cdb3ac35efa978c32162482ed03ccd73

Scan Results

Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)

alpine

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
busybox	CVE-2021-42378	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42379	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42380	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42381	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42382	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42383	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
busybox	CVE-2021-42384	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42385	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42386	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42374	MEDIUM	1.33.1-r3	1.33.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42375	MEDIUM	1.33.1-r3	1.33.1-r5	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
ssl_client	CVE-2021-42378	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42379	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42380	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42381	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42382	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42383	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
ssl_client	CVE-2021-42384	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42385	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42386	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42374	MEDIUM	1.33.1-r3	1.33.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42375	MEDIUM	1.33.1-r3	1.33.1-r5	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

Container: tccr.io/truecharts/gaps:v0.8.8@sha256:76d297b1431aa14c7643d0e8b0c91167cdb3ac35efa978c32162482ed03ccd73 (ubuntu 20.04)

ubuntu

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
bash	CVE-2019-18276	LOW	5.0-6ubuntu1.1		Expand... http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276 https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff https://linux.oracle.com/cve/CVE-2019-18276.html https://linux.oracle.com/errata/ELSA-2021-1679.html https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security.gentoo.org/glsa/202105-34 https://security.netapp.com/advisory/ntap-20200430-0003/ https://www.youtube.com/watch?v=-wGtxJ8opa8
coreutils	CVE-2016-2781	LOW	8.30-3ubuntu2		Expand... http://seclists.org/oss-sec/2016/q1/452 http://www.openwall.com/lists/oss-security/2016/02/28/2 http://www.openwall.com/lists/oss-security/2016/02/28/3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lore.kernel.org/patchwork/patch/793178/
curl	CVE-2021-22876	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.5	Expand... https://curl.se/docs/CVE-2021-22876.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876 https://hackerone.com/reports/1101882 https://linux.oracle.com/cve/CVE-2021-22876.html https://linux.oracle.com/errata/ELSA-2021-4511.html https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/ https://security.gentoo.org/glsa/202105-36 https://security.netapp.com/advisory/ntap-20210521-0007/ https://ubuntu.com/security/notices/USN-4898-1 https://ubuntu.com/security/notices/USN-4903-1
curl	CVE-2021-22890	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.5	Expand... https://curl.se/docs/CVE-2021-22890.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890 https://hackerone.com/reports/1129529 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/ https://security.gentoo.org/glsa/202105-36 https://security.netapp.com/advisory/ntap-20210521-0007/ https://ubuntu.com/security/notices/USN-4898-1
curl	CVE-2021-22924	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.6	Expand... https://curl.se/docs/CVE-2021-22924.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924 https://hackerone.com/reports/1223565 https://linux.oracle.com/cve/CVE-2021-22924.html https://linux.oracle.com/errata/ELSA-2021-3582.html https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/ https://security.netapp.com/advisory/ntap-20210902-0003/ https://ubuntu.com/security/notices/USN-5021-1 https://www.oracle.com/security-alerts/cpuoct2021.html
curl	CVE-2021-22925	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.6	Expand... http://seclists.org/fulldisclosure/2021/Sep/39 http://seclists.org/fulldisclosure/2021/Sep/40 https://curl.se/docs/CVE-2021-22925.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925 https://hackerone.com/reports/1223882 https://linux.oracle.com/cve/CVE-2021-22925.html https://linux.oracle.com/errata/ELSA-2021-4511.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/ https://security.netapp.com/advisory/ntap-20210902-0003/ https://support.apple.com/kb/HT212804 https://support.apple.com/kb/HT212805 https://ubuntu.com/security/notices/USN-5021-1 https://www.oracle.com/security-alerts/cpuoct2021.html
curl	CVE-2021-22946	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.7	Expand... https://curl.se/docs/CVE-2021-22946.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946 https://hackerone.com/reports/1334111 https://linux.oracle.com/cve/CVE-2021-22946.html https://linux.oracle.com/errata/ELSA-2021-4059.html https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/ https://security.netapp.com/advisory/ntap-20211029-0003/ https://ubuntu.com/security/notices/USN-5079-1 https://ubuntu.com/security/notices/USN-5079-2 https://www.oracle.com/security-alerts/cpuoct2021.html
curl	CVE-2021-22947	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.7	Expand... https://curl.se/docs/CVE-2021-22947.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947 https://hackerone.com/reports/1334763 https://launchpad.net/bugs/1944120 (regression bug) https://linux.oracle.com/cve/CVE-2021-22947.html https://linux.oracle.com/errata/ELSA-2021-4059.html https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/ https://security.netapp.com/advisory/ntap-20211029-0003/ https://ubuntu.com/security/notices/USN-5079-1 https://ubuntu.com/security/notices/USN-5079-2 https://ubuntu.com/security/notices/USN-5079-3 https://ubuntu.com/security/notices/USN-5079-4 https://www.oracle.com/security-alerts/cpuoct2021.html
curl	CVE-2021-22898	LOW	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.6	Expand... http://www.openwall.com/lists/oss-security/2021/07/21/4 https://curl.se/docs/CVE-2021-22898.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898 https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde https://hackerone.com/reports/1176461 https://linux.oracle.com/cve/CVE-2021-22898.html https://linux.oracle.com/errata/ELSA-2021-4511.html https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/ https://ubuntu.com/security/notices/USN-5021-1 https://www.oracle.com//security-alerts/cpujul2021.html
libasn1-8-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libc-bin	CVE-2021-35942	MEDIUM	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942 https://linux.oracle.com/cve/CVE-2021-35942.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://security.netapp.com/advisory/ntap-20210827-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=28011 https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c https://sourceware.org/glibc/wiki/Security%20Exceptions
libc-bin	CVE-2021-38604	MEDIUM	2.31-0ubuntu9.1		Expand... https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/ https://security.netapp.com/advisory/ntap-20210909-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=28213 https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641 https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
libc-bin	CVE-2016-10228	LOW	2.31-0ubuntu9.1		Expand... http://openwall.com/lists/oss-security/2017/03/01/10 http://www.securityfocus.com/bid/96525 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228 https://linux.oracle.com/cve/CVE-2016-10228.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security.gentoo.org/glsa/202101-20 https://sourceware.org/bugzilla/show_bug.cgi?id=19519 https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 https://sourceware.org/bugzilla/show_bug.cgi?id=26224
libc-bin	CVE-2019-25013	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013 https://linux.oracle.com/cve/CVE-2019-25013.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ https://security.netapp.com/advisory/ntap-20210205-0004/ https://sourceware.org/bugzilla/show_bug.cgi?id=24973 https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
libc-bin	CVE-2020-27618	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618 https://linux.oracle.com/cve/CVE-2020-27618.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://security.netapp.com/advisory/ntap-20210401-0006/ https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 https://sourceware.org/bugzilla/show_bug.cgi?id=26224
libc-bin	CVE-2020-29562	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ https://security.gentoo.org/glsa/202101-20 https://security.netapp.com/advisory/ntap-20210122-0004/ https://sourceware.org/bugzilla/show_bug.cgi?id=26923 https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
libc-bin	CVE-2020-6096	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/ https://security.gentoo.org/glsa/202101-20 https://sourceware.org/bugzilla/attachment.cgi?id=12334 https://sourceware.org/bugzilla/show_bug.cgi?id=25620 https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019 https://ubuntu.com/security/notices/USN-4954-1 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
libc-bin	CVE-2021-27645	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645 https://linux.oracle.com/cve/CVE-2021-27645.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/ https://sourceware.org/bugzilla/show_bug.cgi?id=27462
libc-bin	CVE-2021-3326	LOW	2.31-0ubuntu9.1		Expand... http://www.openwall.com/lists/oss-security/2021/01/28/2 https://bugs.chromium.org/p/project-zero/issues/detail?id=2146 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326 https://linux.oracle.com/cve/CVE-2021-3326.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://security.netapp.com/advisory/ntap-20210304-0007/ https://sourceware.org/bugzilla/show_bug.cgi?id=27256 https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888 https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
libc-bin	CVE-2021-33574	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574 https://linux.oracle.com/cve/CVE-2021-33574.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/ https://security.gentoo.org/glsa/202107-07 https://security.netapp.com/advisory/ntap-20210629-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=27896 https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
libc6	CVE-2021-35942	MEDIUM	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942 https://linux.oracle.com/cve/CVE-2021-35942.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://security.netapp.com/advisory/ntap-20210827-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=28011 https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c https://sourceware.org/glibc/wiki/Security%20Exceptions
libc6	CVE-2021-38604	MEDIUM	2.31-0ubuntu9.1		Expand... https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/ https://security.netapp.com/advisory/ntap-20210909-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=28213 https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641 https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
libc6	CVE-2016-10228	LOW	2.31-0ubuntu9.1		Expand... http://openwall.com/lists/oss-security/2017/03/01/10 http://www.securityfocus.com/bid/96525 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228 https://linux.oracle.com/cve/CVE-2016-10228.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security.gentoo.org/glsa/202101-20 https://sourceware.org/bugzilla/show_bug.cgi?id=19519 https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 https://sourceware.org/bugzilla/show_bug.cgi?id=26224
libc6	CVE-2019-25013	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013 https://linux.oracle.com/cve/CVE-2019-25013.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ https://security.netapp.com/advisory/ntap-20210205-0004/ https://sourceware.org/bugzilla/show_bug.cgi?id=24973 https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
libc6	CVE-2020-27618	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618 https://linux.oracle.com/cve/CVE-2020-27618.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://security.netapp.com/advisory/ntap-20210401-0006/ https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 https://sourceware.org/bugzilla/show_bug.cgi?id=26224
libc6	CVE-2020-29562	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ https://security.gentoo.org/glsa/202101-20 https://security.netapp.com/advisory/ntap-20210122-0004/ https://sourceware.org/bugzilla/show_bug.cgi?id=26923 https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
libc6	CVE-2020-6096	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/ https://security.gentoo.org/glsa/202101-20 https://sourceware.org/bugzilla/attachment.cgi?id=12334 https://sourceware.org/bugzilla/show_bug.cgi?id=25620 https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019 https://ubuntu.com/security/notices/USN-4954-1 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
libc6	CVE-2021-27645	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645 https://linux.oracle.com/cve/CVE-2021-27645.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/ https://sourceware.org/bugzilla/show_bug.cgi?id=27462
libc6	CVE-2021-3326	LOW	2.31-0ubuntu9.1		Expand... http://www.openwall.com/lists/oss-security/2021/01/28/2 https://bugs.chromium.org/p/project-zero/issues/detail?id=2146 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326 https://linux.oracle.com/cve/CVE-2021-3326.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://security.netapp.com/advisory/ntap-20210304-0007/ https://sourceware.org/bugzilla/show_bug.cgi?id=27256 https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888 https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
libc6	CVE-2021-33574	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574 https://linux.oracle.com/cve/CVE-2021-33574.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/ https://security.gentoo.org/glsa/202107-07 https://security.netapp.com/advisory/ntap-20210629-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=27896 https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
libcurl4	CVE-2021-22876	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.5	Expand... https://curl.se/docs/CVE-2021-22876.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876 https://hackerone.com/reports/1101882 https://linux.oracle.com/cve/CVE-2021-22876.html https://linux.oracle.com/errata/ELSA-2021-4511.html https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/ https://security.gentoo.org/glsa/202105-36 https://security.netapp.com/advisory/ntap-20210521-0007/ https://ubuntu.com/security/notices/USN-4898-1 https://ubuntu.com/security/notices/USN-4903-1
libcurl4	CVE-2021-22890	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.5	Expand... https://curl.se/docs/CVE-2021-22890.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890 https://hackerone.com/reports/1129529 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/ https://security.gentoo.org/glsa/202105-36 https://security.netapp.com/advisory/ntap-20210521-0007/ https://ubuntu.com/security/notices/USN-4898-1
libcurl4	CVE-2021-22924	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.6	Expand... https://curl.se/docs/CVE-2021-22924.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924 https://hackerone.com/reports/1223565 https://linux.oracle.com/cve/CVE-2021-22924.html https://linux.oracle.com/errata/ELSA-2021-3582.html https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/ https://security.netapp.com/advisory/ntap-20210902-0003/ https://ubuntu.com/security/notices/USN-5021-1 https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl4	CVE-2021-22925	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.6	Expand... http://seclists.org/fulldisclosure/2021/Sep/39 http://seclists.org/fulldisclosure/2021/Sep/40 https://curl.se/docs/CVE-2021-22925.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925 https://hackerone.com/reports/1223882 https://linux.oracle.com/cve/CVE-2021-22925.html https://linux.oracle.com/errata/ELSA-2021-4511.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/ https://security.netapp.com/advisory/ntap-20210902-0003/ https://support.apple.com/kb/HT212804 https://support.apple.com/kb/HT212805 https://ubuntu.com/security/notices/USN-5021-1 https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl4	CVE-2021-22946	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.7	Expand... https://curl.se/docs/CVE-2021-22946.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946 https://hackerone.com/reports/1334111 https://linux.oracle.com/cve/CVE-2021-22946.html https://linux.oracle.com/errata/ELSA-2021-4059.html https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/ https://security.netapp.com/advisory/ntap-20211029-0003/ https://ubuntu.com/security/notices/USN-5079-1 https://ubuntu.com/security/notices/USN-5079-2 https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl4	CVE-2021-22947	MEDIUM	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.7	Expand... https://curl.se/docs/CVE-2021-22947.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947 https://hackerone.com/reports/1334763 https://launchpad.net/bugs/1944120 (regression bug) https://linux.oracle.com/cve/CVE-2021-22947.html https://linux.oracle.com/errata/ELSA-2021-4059.html https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/ https://security.netapp.com/advisory/ntap-20211029-0003/ https://ubuntu.com/security/notices/USN-5079-1 https://ubuntu.com/security/notices/USN-5079-2 https://ubuntu.com/security/notices/USN-5079-3 https://ubuntu.com/security/notices/USN-5079-4 https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl4	CVE-2021-22898	LOW	7.68.0-1ubuntu2.4	7.68.0-1ubuntu2.6	Expand... http://www.openwall.com/lists/oss-security/2021/07/21/4 https://curl.se/docs/CVE-2021-22898.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898 https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde https://hackerone.com/reports/1176461 https://linux.oracle.com/cve/CVE-2021-22898.html https://linux.oracle.com/errata/ELSA-2021-4511.html https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/ https://ubuntu.com/security/notices/USN-5021-1 https://www.oracle.com//security-alerts/cpujul2021.html
libgcrypt20	CVE-2021-40528	MEDIUM	1.8.5-5ubuntu1	1.8.5-5ubuntu1.1	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528 https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13 https://eprint.iacr.org/2021/923 https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320 https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1 https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2 https://ubuntu.com/security/notices/USN-5080-1 https://ubuntu.com/security/notices/USN-5080-2
libgcrypt20	CVE-2021-33560	LOW	1.8.5-5ubuntu1	1.8.5-5ubuntu1.1	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560 https://dev.gnupg.org/T5305 https://dev.gnupg.org/T5328 https://dev.gnupg.org/T5466 https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61 https://eprint.iacr.org/2021/923 https://linux.oracle.com/cve/CVE-2021-33560.html https://linux.oracle.com/errata/ELSA-2021-4409.html https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/ https://ubuntu.com/security/notices/USN-5080-1 https://ubuntu.com/security/notices/USN-5080-2 https://www.oracle.com/security-alerts/cpuoct2021.html
libgmp10	CVE-2021-43618	LOW	2:6.2.0+dfsg-4		Expand... https://bugs.debian.org/994405 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618 https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
libgnutls30	CVE-2021-20231	LOW	3.6.13-2ubuntu1.3	3.6.13-2ubuntu1.6	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1922276 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231 https://linux.oracle.com/cve/CVE-2021-20231.html https://linux.oracle.com/errata/ELSA-2021-4451.html https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/ https://security.netapp.com/advisory/ntap-20210416-0005/ https://ubuntu.com/security/notices/USN-5029-1 https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
libgnutls30	CVE-2021-20232	LOW	3.6.13-2ubuntu1.3	3.6.13-2ubuntu1.6	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1922275 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232 https://linux.oracle.com/cve/CVE-2021-20232.html https://linux.oracle.com/errata/ELSA-2021-4451.html https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/ https://security.netapp.com/advisory/ntap-20210416-0005/ https://ubuntu.com/security/notices/USN-5029-1 https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
libgssapi-krb5-2	CVE-2021-36222	MEDIUM	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222 https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562 https://github.com/krb5/krb5/releases https://linux.oracle.com/cve/CVE-2021-36222.html https://linux.oracle.com/errata/ELSA-2021-3576.html https://security.netapp.com/advisory/ntap-20211022-0003/ https://security.netapp.com/advisory/ntap-20211104-0007/ https://web.mit.edu/kerberos/advisories/ https://www.debian.org/security/2021/dsa-4944 https://www.oracle.com/security-alerts/cpuoct2021.html
libgssapi-krb5-2	CVE-2018-5709	LOW	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libgssapi3-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libhcrypto4-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libheimbase1-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libheimntlm0-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libhogweed5	CVE-2021-20305	MEDIUM	3.5.1+really3.5.1-2	3.5.1+really3.5.1-2ubuntu0.1	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1942533 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305 https://linux.oracle.com/cve/CVE-2021-20305.html https://linux.oracle.com/errata/ELSA-2021-1206.html https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/ https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html https://security.gentoo.org/glsa/202105-31 https://security.netapp.com/advisory/ntap-20211022-0002/ https://ubuntu.com/security/notices/USN-4906-1 https://www.debian.org/security/2021/dsa-4933
libhogweed5	CVE-2021-3580	MEDIUM	3.5.1+really3.5.1-2	3.5.1+really3.5.1-2ubuntu0.2	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1967983 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580 https://linux.oracle.com/cve/CVE-2021-3580.html https://linux.oracle.com/errata/ELSA-2021-4451.html https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html https://security.netapp.com/advisory/ntap-20211104-0006/ https://ubuntu.com/security/notices/USN-4990-1
libhx509-5-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libk5crypto3	CVE-2021-36222	MEDIUM	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222 https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562 https://github.com/krb5/krb5/releases https://linux.oracle.com/cve/CVE-2021-36222.html https://linux.oracle.com/errata/ELSA-2021-3576.html https://security.netapp.com/advisory/ntap-20211022-0003/ https://security.netapp.com/advisory/ntap-20211104-0007/ https://web.mit.edu/kerberos/advisories/ https://www.debian.org/security/2021/dsa-4944 https://www.oracle.com/security-alerts/cpuoct2021.html
libk5crypto3	CVE-2018-5709	LOW	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libkrb5-26-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libkrb5-3	CVE-2021-36222	MEDIUM	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222 https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562 https://github.com/krb5/krb5/releases https://linux.oracle.com/cve/CVE-2021-36222.html https://linux.oracle.com/errata/ELSA-2021-3576.html https://security.netapp.com/advisory/ntap-20211022-0003/ https://security.netapp.com/advisory/ntap-20211104-0007/ https://web.mit.edu/kerberos/advisories/ https://www.debian.org/security/2021/dsa-4944 https://www.oracle.com/security-alerts/cpuoct2021.html
libkrb5-3	CVE-2018-5709	LOW	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libkrb5support0	CVE-2021-36222	MEDIUM	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222 https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562 https://github.com/krb5/krb5/releases https://linux.oracle.com/cve/CVE-2021-36222.html https://linux.oracle.com/errata/ELSA-2021-3576.html https://security.netapp.com/advisory/ntap-20211022-0003/ https://security.netapp.com/advisory/ntap-20211104-0007/ https://web.mit.edu/kerberos/advisories/ https://www.debian.org/security/2021/dsa-4944 https://www.oracle.com/security-alerts/cpuoct2021.html
libkrb5support0	CVE-2018-5709	LOW	1.17-6ubuntu4.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libldap-2.4-2	CVE-2020-36221	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9404 https://bugs.openldap.org/show_bug.cgi?id=9424 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221 https://git.openldap.org/openldap/openldap/-/commit/38ac838e4150c626bbfa0082b7e2cf3a2bb4df31 https://git.openldap.org/openldap/openldap/-/commit/58c1748e81c843c5b6e61648d2a4d1d82b47e842 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36222	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9406 https://bugs.openldap.org/show_bug.cgi?id=9407 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222 https://git.openldap.org/openldap/openldap/-/commit/02dfc32d658fadc25e4040f78e36592f6e1e1ca0 https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed.aa https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36223	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9408 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223 https://git.openldap.org/openldap/openldap/-/commit/21981053a1195ae1555e23df4d9ac68d34ede9dd https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36224	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9409 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36225	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9412 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36226	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9413 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36227	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9428 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36227 https://git.openldap.org/openldap/openldap/-/commit/9d0e8485f3113505743baabf1167e01e4558ccf5 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36228	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9427 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228 https://git.openldap.org/openldap/openldap/-/commit/91dccd25c347733b365adc74cb07d074512ed5ad https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36229	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9425 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229 https://git.openldap.org/openldap/openldap/-/commit/4bdfffd2889c0c5cdf58bebafbdc8fce4bb2bff0 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2020-36230	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9423 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230 https://git.openldap.org/openldap/openldap/-/commit/8c1d96ee36ed98b32cd0e28b7069c7b8ea09d793 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-2.4-2	CVE-2021-27212	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.7	Expand... https://bugs.openldap.org/show_bug.cgi?id=9454 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27212 https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0 https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00035.html https://security.netapp.com/advisory/ntap-20210319-0005/ https://ubuntu.com/security/notices/USN-4744-1 https://www.debian.org/security/2021/dsa-4860
libldap-common	CVE-2020-36221	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9404 https://bugs.openldap.org/show_bug.cgi?id=9424 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221 https://git.openldap.org/openldap/openldap/-/commit/38ac838e4150c626bbfa0082b7e2cf3a2bb4df31 https://git.openldap.org/openldap/openldap/-/commit/58c1748e81c843c5b6e61648d2a4d1d82b47e842 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36222	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9406 https://bugs.openldap.org/show_bug.cgi?id=9407 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222 https://git.openldap.org/openldap/openldap/-/commit/02dfc32d658fadc25e4040f78e36592f6e1e1ca0 https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed.aa https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36223	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9408 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223 https://git.openldap.org/openldap/openldap/-/commit/21981053a1195ae1555e23df4d9ac68d34ede9dd https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36224	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9409 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36225	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9412 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36226	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9413 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226 https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36227	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9428 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36227 https://git.openldap.org/openldap/openldap/-/commit/9d0e8485f3113505743baabf1167e01e4558ccf5 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36228	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9427 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228 https://git.openldap.org/openldap/openldap/-/commit/91dccd25c347733b365adc74cb07d074512ed5ad https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36229	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9425 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229 https://git.openldap.org/openldap/openldap/-/commit/4bdfffd2889c0c5cdf58bebafbdc8fce4bb2bff0 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2020-36230	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.6	Expand... http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9423 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230 https://git.openldap.org/openldap/openldap/-/commit/8c1d96ee36ed98b32cd0e28b7069c7b8ea09d793 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212530 https://support.apple.com/kb/HT212531 https://ubuntu.com/security/notices/USN-4724-1 https://www.debian.org/security/2021/dsa-4845
libldap-common	CVE-2021-27212	MEDIUM	2.4.49+dfsg-2ubuntu1.5	2.4.49+dfsg-2ubuntu1.7	Expand... https://bugs.openldap.org/show_bug.cgi?id=9454 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27212 https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0 https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00035.html https://security.netapp.com/advisory/ntap-20210319-0005/ https://ubuntu.com/security/notices/USN-4744-1 https://www.debian.org/security/2021/dsa-4860
liblz4-1	CVE-2021-3520	MEDIUM	1.9.2-2	1.9.2-2ubuntu0.20.04.1	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1954559 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520 https://github.com/lz4/lz4/pull/972 https://linux.oracle.com/cve/CVE-2021-3520.html https://linux.oracle.com/errata/ELSA-2021-2575.html https://security.netapp.com/advisory/ntap-20211104-0005/ https://ubuntu.com/security/notices/USN-4968-1 https://ubuntu.com/security/notices/USN-4968-2 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
libnettle7	CVE-2021-20305	MEDIUM	3.5.1+really3.5.1-2	3.5.1+really3.5.1-2ubuntu0.1	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1942533 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305 https://linux.oracle.com/cve/CVE-2021-20305.html https://linux.oracle.com/errata/ELSA-2021-1206.html https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/ https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html https://security.gentoo.org/glsa/202105-31 https://security.netapp.com/advisory/ntap-20211022-0002/ https://ubuntu.com/security/notices/USN-4906-1 https://www.debian.org/security/2021/dsa-4933
libnettle7	CVE-2021-3580	MEDIUM	3.5.1+really3.5.1-2	3.5.1+really3.5.1-2ubuntu0.2	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1967983 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580 https://linux.oracle.com/cve/CVE-2021-3580.html https://linux.oracle.com/errata/ELSA-2021-4451.html https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html https://security.netapp.com/advisory/ntap-20211104-0006/ https://ubuntu.com/security/notices/USN-4990-1
libp11-kit0	CVE-2020-29361	MEDIUM	0.23.20-1build1	0.23.20-1ubuntu0.1	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29361 https://github.com/p11-glue/p11-kit/releases https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2 https://linux.oracle.com/cve/CVE-2020-29361.html https://linux.oracle.com/errata/ELSA-2021-1609.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/01/msg00002.html https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html https://ubuntu.com/security/notices/USN-4677-1 https://ubuntu.com/security/notices/USN-4677-2 https://www.debian.org/security/2021/dsa-4822
libp11-kit0	CVE-2020-29362	MEDIUM	0.23.20-1build1	0.23.20-1ubuntu0.1	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29362 https://github.com/p11-glue/p11-kit/releases https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc https://linux.oracle.com/cve/CVE-2020-29362.html https://linux.oracle.com/errata/ELSA-2021-1609.html https://lists.debian.org/debian-lts-announce/2021/01/msg00002.html https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html https://ubuntu.com/security/notices/USN-4677-1 https://www.debian.org/security/2021/dsa-4822
libp11-kit0	CVE-2020-29363	MEDIUM	0.23.20-1build1	0.23.20-1ubuntu0.1	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29363 https://github.com/p11-glue/p11-kit/releases https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x https://linux.oracle.com/cve/CVE-2020-29363.html https://linux.oracle.com/errata/ELSA-2021-1609.html https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html https://ubuntu.com/security/notices/USN-4677-1 https://www.debian.org/security/2021/dsa-4822
libpcre3	CVE-2017-11164	LOW	2:8.39-12build1		Expand... http://openwall.com/lists/oss-security/2017/07/11/3 http://www.securityfocus.com/bid/99575 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libpcre3	CVE-2019-20838	LOW	2:8.39-12build1		Expand... http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://bugs.gentoo.org/717920 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838 https://linux.oracle.com/cve/CVE-2019-20838.html https://linux.oracle.com/errata/ELSA-2021-4373.html https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://support.apple.com/kb/HT211931 https://support.apple.com/kb/HT212147 https://www.pcre.org/original/changelog.txt
libpcre3	CVE-2020-14155	LOW	2:8.39-12build1		Expand... http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/ https://bugs.gentoo.org/717920 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155 https://linux.oracle.com/cve/CVE-2020-14155.html https://linux.oracle.com/errata/ELSA-2021-4373.html https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://support.apple.com/kb/HT211931 https://support.apple.com/kb/HT212147 https://www.pcre.org/original/changelog.txt
libroken18-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libsqlite3-0	CVE-2020-9794	MEDIUM	3.31.1-4ubuntu0.2		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://support.apple.com/HT211168 https://support.apple.com/HT211170 https://support.apple.com/HT211171 https://support.apple.com/HT211175 https://support.apple.com/HT211178 https://support.apple.com/HT211179 https://support.apple.com/HT211181 https://vuldb.com/?id.155768
libsqlite3-0	CVE-2020-9849	LOW	3.31.1-4ubuntu0.2		Expand... http://seclists.org/fulldisclosure/2020/Dec/32 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://support.apple.com/en-us/HT211843 https://support.apple.com/en-us/HT211844 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211931 https://support.apple.com/en-us/HT211935 https://support.apple.com/en-us/HT211952 https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
libsqlite3-0	CVE-2020-9991	LOW	3.31.1-4ubuntu0.2		Expand... http://seclists.org/fulldisclosure/2020/Dec/32 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://support.apple.com/en-us/HT211843 https://support.apple.com/en-us/HT211844 https://support.apple.com/en-us/HT211847 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT211846 https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
libssh-4	CVE-2021-3634	MEDIUM	0.9.3-2ubuntu2.1	0.9.3-2ubuntu2.2	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1978810 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/ https://security.netapp.com/advisory/ntap-20211004-0003/ https://ubuntu.com/security/notices/USN-5053-1 https://www.debian.org/security/2021/dsa-4965
libssl1.1	CVE-2021-3449	HIGH	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.3	Expand... http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://linux.oracle.com/cve/CVE-2021-3449.html https://linux.oracle.com/errata/ELSA-2021-9151.html https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://ubuntu.com/security/notices/USN-4891-1 https://ubuntu.com/security/notices/USN-5038-1 https://www.debian.org/security/2021/dsa-4875 https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-06 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libssl1.1	CVE-2021-3711	HIGH	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.8	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://security.netapp.com/advisory/ntap-20210827-0010/ https://security.netapp.com/advisory/ntap-20211022-0003/ https://ubuntu.com/security/notices/USN-5051-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
libssl1.1	CVE-2021-23841	MEDIUM	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.2	Expand... http://seclists.org/fulldisclosure/2021/May/67 http://seclists.org/fulldisclosure/2021/May/68 http://seclists.org/fulldisclosure/2021/May/70 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://linux.oracle.com/cve/CVE-2021-23841.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://support.apple.com/kb/HT212528 https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212534 https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-4745-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09
libssl1.1	CVE-2021-3712	MEDIUM	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.8	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html https://security.netapp.com/advisory/ntap-20210827-0010/ https://ubuntu.com/security/notices/USN-5051-1 https://ubuntu.com/security/notices/USN-5051-2 https://ubuntu.com/security/notices/USN-5051-3 https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm) https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
libssl1.1	CVE-2021-23840	LOW	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.2	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://linux.oracle.com/cve/CVE-2021-23840.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libsystemd0	CVE-2021-33910	HIGH	245.4-4ubuntu3.3	245.4-4ubuntu3.10	Expand... http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html http://www.openwall.com/lists/oss-security/2021/08/04/2 http://www.openwall.com/lists/oss-security/2021/08/17/3 http://www.openwall.com/lists/oss-security/2021/09/07/3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910 https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538 https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61 https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9 https://linux.oracle.com/cve/CVE-2021-33910.html https://linux.oracle.com/errata/ELSA-2021-2717.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/ https://security.gentoo.org/glsa/202107-48 https://security.netapp.com/advisory/ntap-20211104-0008/ https://ubuntu.com/security/notices/USN-5013-1 https://ubuntu.com/security/notices/USN-5013-2 https://www.debian.org/security/2021/dsa-4942 https://www.openwall.com/lists/oss-security/2021/07/20/2 https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt
libsystemd0	CVE-2020-13529	LOW	245.4-4ubuntu3.3	245.4-4ubuntu3.10	Expand... http://www.openwall.com/lists/oss-security/2021/08/04/2 http://www.openwall.com/lists/oss-security/2021/08/17/3 http://www.openwall.com/lists/oss-security/2021/09/07/3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529 https://linux.oracle.com/cve/CVE-2020-13529.html https://linux.oracle.com/errata/ELSA-2021-4361.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/ https://security.gentoo.org/glsa/202107-48 https://security.netapp.com/advisory/ntap-20210625-0005/ https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142 https://ubuntu.com/security/notices/USN-5013-1 https://ubuntu.com/security/notices/USN-5013-2
libtasn1-6	CVE-2018-1000654	LOW	4.16.0-2		Expand... http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html http://www.securityfocus.com/bid/105151 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654 https://gitlab.com/gnutls/libtasn1/issues/4 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libudev1	CVE-2021-33910	HIGH	245.4-4ubuntu3.3	245.4-4ubuntu3.10	Expand... http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html http://www.openwall.com/lists/oss-security/2021/08/04/2 http://www.openwall.com/lists/oss-security/2021/08/17/3 http://www.openwall.com/lists/oss-security/2021/09/07/3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910 https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538 https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61 https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9 https://linux.oracle.com/cve/CVE-2021-33910.html https://linux.oracle.com/errata/ELSA-2021-2717.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/ https://security.gentoo.org/glsa/202107-48 https://security.netapp.com/advisory/ntap-20211104-0008/ https://ubuntu.com/security/notices/USN-5013-1 https://ubuntu.com/security/notices/USN-5013-2 https://www.debian.org/security/2021/dsa-4942 https://www.openwall.com/lists/oss-security/2021/07/20/2 https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt
libudev1	CVE-2020-13529	LOW	245.4-4ubuntu3.3	245.4-4ubuntu3.10	Expand... http://www.openwall.com/lists/oss-security/2021/08/04/2 http://www.openwall.com/lists/oss-security/2021/08/17/3 http://www.openwall.com/lists/oss-security/2021/09/07/3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529 https://linux.oracle.com/cve/CVE-2020-13529.html https://linux.oracle.com/errata/ELSA-2021-4361.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/ https://security.gentoo.org/glsa/202107-48 https://security.netapp.com/advisory/ntap-20210625-0005/ https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142 https://ubuntu.com/security/notices/USN-5013-1 https://ubuntu.com/security/notices/USN-5013-2
libwind0-heimdal	CVE-2021-3671	LOW	7.7.0+dfsg-1ubuntu1		Expand... https://bugzilla.redhat.com/show_bug.cgi?id=2013080, https://bugzilla.samba.org/show_bug.cgi?id=14770, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671 https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://ubuntu.com/security/notices/USN-5142-1 https://ubuntu.com/security/notices/USN-5174-1
libzstd1	CVE-2021-24031	MEDIUM	1.4.4+dfsg-3	1.4.4+dfsg-3ubuntu0.1	Expand... https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031 https://github.com/facebook/zstd/issues/1630 https://ubuntu.com/security/notices/USN-4760-1 https://www.facebook.com/security/advisories/cve-2021-24031
libzstd1	CVE-2021-24032	MEDIUM	1.4.4+dfsg-3	1.4.4+dfsg-3ubuntu0.1	Expand... https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032 https://github.com/facebook/zstd/issues/2491 https://ubuntu.com/security/notices/USN-4760-1 https://www.facebook.com/security/advisories/cve-2021-24032
locales	CVE-2021-35942	MEDIUM	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942 https://linux.oracle.com/cve/CVE-2021-35942.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://security.netapp.com/advisory/ntap-20210827-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=28011 https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c https://sourceware.org/glibc/wiki/Security%20Exceptions
locales	CVE-2021-38604	MEDIUM	2.31-0ubuntu9.1		Expand... https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/ https://security.netapp.com/advisory/ntap-20210909-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=28213 https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641 https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
locales	CVE-2016-10228	LOW	2.31-0ubuntu9.1		Expand... http://openwall.com/lists/oss-security/2017/03/01/10 http://www.securityfocus.com/bid/96525 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228 https://linux.oracle.com/cve/CVE-2016-10228.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security.gentoo.org/glsa/202101-20 https://sourceware.org/bugzilla/show_bug.cgi?id=19519 https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 https://sourceware.org/bugzilla/show_bug.cgi?id=26224
locales	CVE-2019-25013	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013 https://linux.oracle.com/cve/CVE-2019-25013.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ https://security.netapp.com/advisory/ntap-20210205-0004/ https://sourceware.org/bugzilla/show_bug.cgi?id=24973 https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
locales	CVE-2020-27618	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618 https://linux.oracle.com/cve/CVE-2020-27618.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://security.netapp.com/advisory/ntap-20210401-0006/ https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 https://sourceware.org/bugzilla/show_bug.cgi?id=26224
locales	CVE-2020-29562	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ https://security.gentoo.org/glsa/202101-20 https://security.netapp.com/advisory/ntap-20210122-0004/ https://sourceware.org/bugzilla/show_bug.cgi?id=26923 https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
locales	CVE-2020-6096	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/ https://security.gentoo.org/glsa/202101-20 https://sourceware.org/bugzilla/attachment.cgi?id=12334 https://sourceware.org/bugzilla/show_bug.cgi?id=25620 https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019 https://ubuntu.com/security/notices/USN-4954-1 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
locales	CVE-2021-27645	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645 https://linux.oracle.com/cve/CVE-2021-27645.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/ https://sourceware.org/bugzilla/show_bug.cgi?id=27462
locales	CVE-2021-3326	LOW	2.31-0ubuntu9.1		Expand... http://www.openwall.com/lists/oss-security/2021/01/28/2 https://bugs.chromium.org/p/project-zero/issues/detail?id=2146 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326 https://linux.oracle.com/cve/CVE-2021-3326.html https://linux.oracle.com/errata/ELSA-2021-9344.html https://security.netapp.com/advisory/ntap-20210304-0007/ https://sourceware.org/bugzilla/show_bug.cgi?id=27256 https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888 https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
locales	CVE-2021-33574	LOW	2.31-0ubuntu9.1		Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574 https://linux.oracle.com/cve/CVE-2021-33574.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/ https://security.gentoo.org/glsa/202107-07 https://security.netapp.com/advisory/ntap-20210629-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=27896 https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
login	CVE-2013-4235	LOW	1:4.8.1-1ubuntu5.20.04		Expand... https://access.redhat.com/security/cve/cve-2013-4235 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security-tracker.debian.org/tracker/CVE-2013-4235
openssl	CVE-2021-3449	HIGH	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.3	Expand... http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://linux.oracle.com/cve/CVE-2021-3449.html https://linux.oracle.com/errata/ELSA-2021-9151.html https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://ubuntu.com/security/notices/USN-4891-1 https://ubuntu.com/security/notices/USN-5038-1 https://www.debian.org/security/2021/dsa-4875 https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-06 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
openssl	CVE-2021-3711	HIGH	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.8	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://security.netapp.com/advisory/ntap-20210827-0010/ https://security.netapp.com/advisory/ntap-20211022-0003/ https://ubuntu.com/security/notices/USN-5051-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
openssl	CVE-2021-23841	MEDIUM	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.2	Expand... http://seclists.org/fulldisclosure/2021/May/67 http://seclists.org/fulldisclosure/2021/May/68 http://seclists.org/fulldisclosure/2021/May/70 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://linux.oracle.com/cve/CVE-2021-23841.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://support.apple.com/kb/HT212528 https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212534 https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-4745-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09
openssl	CVE-2021-3712	MEDIUM	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.8	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html https://security.netapp.com/advisory/ntap-20210827-0010/ https://ubuntu.com/security/notices/USN-5051-1 https://ubuntu.com/security/notices/USN-5051-2 https://ubuntu.com/security/notices/USN-5051-3 https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm) https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
openssl	CVE-2021-23840	LOW	1.1.1f-1ubuntu2.1	1.1.1f-1ubuntu2.2	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://linux.oracle.com/cve/CVE-2021-23840.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
passwd	CVE-2013-4235	LOW	1:4.8.1-1ubuntu5.20.04		Expand... https://access.redhat.com/security/cve/cve-2013-4235 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security-tracker.debian.org/tracker/CVE-2013-4235
perl-base	CVE-2020-16156	MEDIUM	5.30.0-9ubuntu0.2		Expand... http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156 https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c https://metacpan.org/pod/distribution/CPAN/scripts/cpan
tar	CVE-2019-9923	LOW	1.30+dfsg-7	1.30+dfsg-7ubuntu0.20.04.1	Expand... http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html http://savannah.gnu.org/bugs/?55369 https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://ubuntu.com/security/notices/USN-4692-1

jar

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
ch.qos.logback:logback-core	CVE-2021-42550	MEDIUM	1.2.3		Expand... http://logback.qos.ch/news.html https://github.com/advisories/GHSA-668q-qrv7-99fm https://github.com/cn-panda/logbackRceDemo https://github.com/qos-ch/logback/blob/1502cba4c1dfd135b2e715bc0cf80c0045d4d128/logback-site/src/site/pages/news.html https://github.com/qos-ch/logback/commit/87291079a1de9369ac67e20dc70a8fdc7cc4359c https://github.com/qos-ch/logback/commit/ef4fc4186b74b45ce80d86833820106ff27edd42 https://jira.qos.ch/browse/LOGBACK-1591 https://nvd.nist.gov/vuln/detail/CVE-2021-42550
org.apache.logging.log4j:log4j-api	CVE-2021-44228	CRITICAL	2.13.3	2.15.0	Expand... http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html http://www.openwall.com/lists/oss-security/2021/12/10/1 http://www.openwall.com/lists/oss-security/2021/12/10/2 http://www.openwall.com/lists/oss-security/2021/12/10/3 http://www.openwall.com/lists/oss-security/2021/12/13/1 http://www.openwall.com/lists/oss-security/2021/12/13/2 http://www.openwall.com/lists/oss-security/2021/12/14/4 http://www.openwall.com/lists/oss-security/2021/12/15/3 https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 https://github.com/advisories/GHSA-7rjr-3q55-vv33 https://github.com/advisories/GHSA-jfh8-c2jp-5v3q https://github.com/apache/logging-log4j2/commit/c77b3cb39312b83b053d23a2158b99ac7de44dd3 https://github.com/apache/logging-log4j2/pull/608 https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 https://github.com/tangxiaofeng7/apache-log4j-poc https://issues.apache.org/jira/browse/LOG4J2-3198 https://issues.apache.org/jira/browse/LOG4J2-3201 https://issues.apache.org/jira/browse/LOG4J2-3214 https://issues.apache.org/jira/browse/LOG4J2-3221 https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/ https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0 https://logging.apache.org/log4j/2.x/manual/lookups.html#JndiLookup https://logging.apache.org/log4j/2.x/manual/migration.html https://logging.apache.org/log4j/2.x/security.html https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ https://nvd.nist.gov/vuln/detail/CVE-2021-44228 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 https://security.netapp.com/advisory/ntap-20211210-0007/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd https://twitter.com/kurtseifried/status/1469345530182455296 https://ubuntu.com/security/notices/USN-5192-1 https://ubuntu.com/security/notices/USN-5192-2 https://ubuntu.com/security/notices/USN-5197-1 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell https://www.debian.org/security/2021/dsa-5020 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html https://www.kb.cert.org/vuls/id/930724 https://www.lunasec.io/docs/blog/log4j-zero-day/ https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
org.apache.logging.log4j:log4j-api	CVE-2021-45046	CRITICAL	2.13.3	2.16.0	Expand... http://www.openwall.com/lists/oss-security/2021/12/14/4 http://www.openwall.com/lists/oss-security/2021/12/15/3 http://www.openwall.com/lists/oss-security/2021/12/18/1 https://access.redhat.com/security/cve/CVE-2021-44228 https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 https://github.com/advisories/GHSA-7rjr-3q55-vv33 https://github.com/advisories/GHSA-jfh8-c2jp-5v3q https://issues.apache.org/jira/browse/LOG4J2-3221 https://lists.apache.org/thread/83y7dx5xvn3h5290q1twn16tltolv88f https://logging.apache.org/log4j/2.x/security.html https://nvd.nist.gov/vuln/detail/CVE-2021-45046 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd https://ubuntu.com/security/notices/USN-5197-1 https://www.cve.org/CVERecord?id=CVE-2021-44228 https://www.cve.org/CVERecord?id=CVE-2021-45046 https://www.debian.org/security/2021/dsa-5022 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html https://www.kb.cert.org/vuls/id/930724 https://www.openwall.com/lists/oss-security/2021/12/14/4 https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
org.apache.logging.log4j:log4j-api	CVE-2021-45105	HIGH	2.13.3	2.17.0, 2.12.3	Expand... http://www.openwall.com/lists/oss-security/2021/12/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105 https://github.com/advisories/GHSA-p6xc-xr62-6r2g https://issues.apache.org/jira/browse/LOG4J2-3230 https://logging.apache.org/log4j/2.x/security.html https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105 https://nvd.nist.gov/vuln/detail/CVE-2021-45105 https://security.netapp.com/advisory/ntap-20211218-0001/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd https://ubuntu.com/security/notices/USN-5203-1 https://www.cve.org/CVERecord?id=CVE-2021-45105 https://www.debian.org/security/2021/dsa-5024 https://www.kb.cert.org/vuls/id/930724 https://www.openwall.com/lists/oss-security/2021/12/19/1 https://www.zerodayinitiative.com/advisories/ZDI-21-1541/
org.apache.tomcat.embed:tomcat-embed-core	CVE-2020-17527	HIGH	9.0.39	8.5.60, 9.0.40, 10.0.2	Expand... http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10 http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60 http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40 http://www.openwall.com/lists/oss-security/2020/12/03/3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527 https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60) https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40) https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html https://nvd.nist.gov/vuln/detail/CVE-2020-17527 https://security.gentoo.org/glsa/202012-23 https://security.netapp.com/advisory/ntap-20201210-0003/ https://www.debian.org/security/2021/dsa-4835 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html
org.apache.tomcat.embed:tomcat-embed-core	CVE-2021-25122	HIGH	9.0.39	8.5.63, 9.0.43, 10.0.2	Expand... http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E http://www.openwall.com/lists/oss-security/2021/03/01/1 https://github.com/advisories/GHSA-j39c-c8hj-x4j3 https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html https://nvd.nist.gov/vuln/detail/CVE-2021-25122 https://security.netapp.com/advisory/ntap-20210409-0002/ https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43 https://www.debian.org/security/2021/dsa-4891 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
org.apache.tomcat.embed:tomcat-embed-core	CVE-2021-25329	HIGH	9.0.39	7.0.108, 8.5.63, 9.0.43, 10.0.2	Expand... http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E http://www.openwall.com/lists/oss-security/2021/03/01/2 https://github.com/advisories/GHSA-jgwr-3qm3-26f3 https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4 https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html https://nvd.nist.gov/vuln/detail/CVE-2021-25329 https://security.netapp.com/advisory/ntap-20210409-0002/ https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2 https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.108 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43 https://www.debian.org/security/2021/dsa-4891 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
org.apache.tomcat.embed:tomcat-embed-core	CVE-2021-24122	MEDIUM	9.0.39	10.0.0-M10, 9.0.40, 8.5.60, 7.0.107	Expand... http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107 http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60 http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40 http://www.openwall.com/lists/oss-security/2021/01/14/1 https://github.com/advisories/GHSA-2rvv-w9r2-rg7m https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html https://nvd.nist.gov/vuln/detail/CVE-2021-24122 https://security.netapp.com/advisory/ntap-20210212-0008/
org.apache.tomcat.embed:tomcat-embed-websocket	CVE-2021-24122	MEDIUM	9.0.39	10.0.0-M10, 9.0.40, 8.5.60, 7.0.107	Expand... http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107 http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60 http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40 http://www.openwall.com/lists/oss-security/2021/01/14/1 https://github.com/advisories/GHSA-2rvv-w9r2-rg7m https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html https://nvd.nist.gov/vuln/detail/CVE-2021-24122 https://security.netapp.com/advisory/ntap-20210212-0008/
org.glassfish:jakarta.el	CVE-2021-28170	MEDIUM	3.0.3		Expand... https://github.com/advisories/GHSA-v6w3-2prq-h95f https://github.com/eclipse-ee4j/el-ri/issues/155 https://github.com/eclipse-ee4j/el-ri/pull/160/commits/b6a3943ac5fba71cbc6719f092e319caa747855b https://nvd.nist.gov/vuln/detail/CVE-2021-28170 https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/
org.hibernate.validator:hibernate-validator	CVE-2020-10693	MEDIUM	6.1.0.Final	6.0.20.Final, 6.1.5.Final	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693 https://github.com/advisories/GHSA-rmrm-75hp-phr2 https://nvd.nist.gov/vuln/detail/CVE-2020-10693 https://www.ibm.com/support/pages/node/6348216
org.hibernate:hibernate-core	CVE-2020-25638	HIGH	5.2.12.Final	5.3.20.Final, 5.4.24.Final	Expand... https://bugzilla.redhat.com/show_bug.cgi?id=1881353 https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44@%3Cdev.turbine.apache.org%3E https://lists.apache.org/thread.html/rf2378209c676a28b71f9b604a3b3517c448540b85367160e558ef9df@%3Ccommits.turbine.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/01/msg00000.html https://nvd.nist.gov/vuln/detail/CVE-2020-25638 https://www.debian.org/security/2021/dsa-4908 https://www.oracle.com//security-alerts/cpujul2021.html
org.springframework.security:spring-security-core	CVE-2021-22112	HIGH	5.4.1	5.2.9.RELEASE, 5.3.8.RELEASE, 5.4.4	Expand... http://www.openwall.com/lists/oss-security/2021/02/19/7 https://github.com/advisories/GHSA-gq28-h5vg-8prx https://github.com/spring-projects/spring-security/releases/tag/5.4.4 https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2021-22112 https://tanzu.vmware.com/security/cve-2021-22112 https://www.jenkins.io/security/advisory/2021-02-19/ https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
org.springframework.security:spring-security-core	CVE-2021-22119	HIGH	5.4.1	5.2.11.RELEASE, 5.3.10.RELEASE, 5.4.7, 5.5.1	Expand... https://github.com/advisories/GHSA-w9jg-gvgr-354m https://github.com/spring-projects/spring-security/pull/9513 https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2021-22119 https://tanzu.vmware.com/security/cve-2021-22119
org.springframework.security:spring-security-web	CVE-2021-22112	HIGH	5.4.1	5.3.8, 5.4.4, 5.2.9	Expand... http://www.openwall.com/lists/oss-security/2021/02/19/7 https://github.com/advisories/GHSA-gq28-h5vg-8prx https://github.com/spring-projects/spring-security/releases/tag/5.4.4 https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2021-22112 https://tanzu.vmware.com/security/cve-2021-22112 https://www.jenkins.io/security/advisory/2021-02-19/ https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
org.thymeleaf:thymeleaf-spring5	CVE-2021-43466	CRITICAL	3.0.11.RELEASE		Expand... https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html https://github.com/advisories/GHSA-qcj6-jqrg-4wp2 https://nvd.nist.gov/vuln/detail/CVE-2021-43466