2022-03-06 14:37:05 +00:00
---
hide:
- toc
---
# Security Overview
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
## Helm-Chart
##### Scan Results
#### Chart Object: homebridge/templates/common.yaml
2022-03-06 15:09:49 +00:00
2022-03-06 14:37:05 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-06-07 18:33:12 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
2022-03-06 14:37:05 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-homebridge' of Deployment ' RELEASE-NAME-homebridge' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-homebridge' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-03-06 14:37:05 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-homebridge' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-homebridge' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
2022-03-06 14:37:05 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-homebridge' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-homebridge' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-homebridge' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-homebridge' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
## Containers
##### Detected Containers
2022-03-26 15:30:42 +00:00
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
2022-03-06 14:37:05 +00:00
tccr.io/truecharts/homebridge:v2022-02@sha256:a6b5e77d71f6cf8ab608ec96a34342a038dd8b5d8ef799108455622ad68bb7e8
##### Scan Results
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2022-03-06 15:09:49 +00:00
2022-03-06 14:37:05 +00:00
**alpine**
2022-03-06 15:09:49 +00:00
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-10 21:17:41 +00:00
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| curl | CVE-2022-22576 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22576" > https://nvd.nist.gov/vuln/detail/CVE-2022-22576< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| curl | CVE-2022-27775 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://hackerone.com/reports/1546268" > https://hackerone.com/reports/1546268< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://hackerone.com/reports/1543773" > https://hackerone.com/reports/1543773< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://hackerone.com/reports/1547048" > https://hackerone.com/reports/1547048< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-22576 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22576" > https://nvd.nist.gov/vuln/detail/CVE-2022-22576< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| libcurl | CVE-2022-27775 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://hackerone.com/reports/1546268" > https://hackerone.com/reports/1546268< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://hackerone.com/reports/1543773" > https://hackerone.com/reports/1543773< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://hackerone.com/reports/1547048" > https://hackerone.com/reports/1547048< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-2201.html" > https://errata.almalinux.org/8/ALSA-2022-2201.html< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-2213.html" > https://linux.oracle.com/errata/ELSA-2022-2213.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220526-0009/" > https://security.netapp.com/advisory/ntap-20220526-0009/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a
2022-03-06 14:37:05 +00:00
#### Container: tccr.io/truecharts/homebridge:v2022-02@sha256:a6b5e77d71f6cf8ab608ec96a34342a038dd8b5d8ef799108455622ad68bb7e8 (alpine 3.12.9)
2022-03-06 15:09:49 +00:00
2022-03-06 14:37:05 +00:00
**alpine**
2022-03-06 15:09:49 +00:00
2022-03-06 14:37:05 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-03 16:31:59 +00:00
| blkid | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| busybox | CVE-2022-28391 | CRITICAL | 1.31.1-r21 | 1.31.1-r22 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| cfdisk | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| curl | CVE-2022-22576 | HIGH | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22576" > https://nvd.nist.gov/vuln/detail/CVE-2022-22576< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| curl | CVE-2022-27775 | HIGH | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://hackerone.com/reports/1546268" > https://hackerone.com/reports/1546268< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| curl | CVE-2022-27774 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://hackerone.com/reports/1543773" > https://hackerone.com/reports/1543773< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27776 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://hackerone.com/reports/1547048" > https://hackerone.com/reports/1547048< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl-dev | CVE-2022-22576 | HIGH | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22576" > https://nvd.nist.gov/vuln/detail/CVE-2022-22576< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| curl-dev | CVE-2022-27775 | HIGH | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://hackerone.com/reports/1546268" > https://hackerone.com/reports/1546268< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| curl-dev | CVE-2022-27774 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://hackerone.com/reports/1543773" > https://hackerone.com/reports/1543773< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl-dev | CVE-2022-27776 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://hackerone.com/reports/1547048" > https://hackerone.com/reports/1547048< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-04-20 21:21:59 +00:00
| expat | CVE-2022-23852 | CRITICAL | 2.2.10-r0 | 2.2.10-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-23852" > https://access.redhat.com/security/cve/CVE-2022-23852< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/550" > https://github.com/libexpat/libexpat/pull/550< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-23852.html" > https://linux.oracle.com/cve/CVE-2022-23852.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-1069.html" > https://linux.oracle.com/errata/ELSA-2022-1069.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23852" > https://nvd.nist.gov/vuln/detail/CVE-2022-23852< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220217-0001/" > https://security.netapp.com/advisory/ntap-20220217-0001/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5288-1" > https://ubuntu.com/security/notices/USN-5288-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5073" > https://www.debian.org/security/2022/dsa-5073< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-05" > https://www.tenable.com/security/tns-2022-05< / a > < br > < / details > |
| expat | CVE-2022-23990 | CRITICAL | 2.2.10-r0 | 2.2.10-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-23990" > https://access.redhat.com/security/cve/CVE-2022-23990< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/551" > https://github.com/libexpat/libexpat/pull/551< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-23990.html" > https://linux.oracle.com/cve/CVE-2022-23990.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9232.html" > https://linux.oracle.com/errata/ELSA-2022-9232.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23990" > https://nvd.nist.gov/vuln/detail/CVE-2022-23990< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5288-1" > https://ubuntu.com/security/notices/USN-5288-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5073" > https://www.debian.org/security/2022/dsa-5073< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-05" > https://www.tenable.com/security/tns-2022-05< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| expat | CVE-2022-25235 | CRITICAL | 2.2.10-r0 | 2.2.10-r2 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-25235" > https://access.redhat.com/security/cve/CVE-2022-25235< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/562" > https://github.com/libexpat/libexpat/pull/562< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)" > https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)" > https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-25235.html" > https://linux.oracle.com/cve/CVE-2022-25235.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9359.html" > https://linux.oracle.com/errata/ELSA-2022-9359.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-25235" > https://nvd.nist.gov/vuln/detail/CVE-2022-25235< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5288-1" > https://ubuntu.com/security/notices/USN-5288-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < / details > |
2022-05-26 10:35:17 +00:00
| expat | CVE-2022-25236 | CRITICAL | 2.2.10-r0 | 2.2.10-r2 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-25236" > https://access.redhat.com/security/cve/CVE-2022-25236< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/561" > https://github.com/libexpat/libexpat/pull/561< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)" > https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)" > https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/577" > https://github.com/libexpat/libexpat/pull/577< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-25236.html" > https://linux.oracle.com/cve/CVE-2022-25236.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9359.html" > https://linux.oracle.com/errata/ELSA-2022-9359.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-25236" > https://nvd.nist.gov/vuln/detail/CVE-2022-25236< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5288-1" > https://ubuntu.com/security/notices/USN-5288-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| expat | CVE-2022-25315 | CRITICAL | 2.2.10-r0 | 2.2.10-r2 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-25315" > https://access.redhat.com/security/cve/CVE-2022-25315< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/559" > https://github.com/libexpat/libexpat/pull/559< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-25315.html" > https://linux.oracle.com/cve/CVE-2022-25315.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9359.html" > https://linux.oracle.com/errata/ELSA-2022-9359.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-25315" > https://nvd.nist.gov/vuln/detail/CVE-2022-25315< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5320-1" > https://ubuntu.com/security/notices/USN-5320-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < / details > |
2022-04-20 21:21:59 +00:00
| expat | CVE-2022-25314 | HIGH | 2.2.10-r0 | 2.2.10-r2 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-25314" > https://access.redhat.com/security/cve/CVE-2022-25314< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/560" > https://github.com/libexpat/libexpat/pull/560< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-25314" > https://nvd.nist.gov/vuln/detail/CVE-2022-25314< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5320-1" > https://ubuntu.com/security/notices/USN-5320-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < / details > |
| expat | CVE-2022-25313 | MEDIUM | 2.2.10-r0 | 2.2.10-r2 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-25313" > https://access.redhat.com/security/cve/CVE-2022-25313< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/558" > https://github.com/libexpat/libexpat/pull/558< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-25313" > https://nvd.nist.gov/vuln/detail/CVE-2022-25313< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5320-1" > https://ubuntu.com/security/notices/USN-5320-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| findmnt | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| git | CVE-2021-40330 | HIGH | 2.26.3-r0 | 2.26.3-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-40330" > https://access.redhat.com/security/cve/CVE-2021-40330< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40330" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40330< / a > < br > < a href = "https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473" > https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473< / a > < br > < a href = "https://github.com/git/git/compare/v2.30.0...v2.30.1" > https://github.com/git/git/compare/v2.30.0...v2.30.1< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-40330" > https://nvd.nist.gov/vuln/detail/CVE-2021-40330< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5076-1" > https://ubuntu.com/security/notices/USN-5076-1< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| hexdump | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| libblkid | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| libcrypto1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html" > http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json" > https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-0778" > https://access.redhat.com/security/cve/CVE-2022-0778< / a > < br > < a href = "https://crates.io/crates/openssl-src" > https://crates.io/crates/openssl-src< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-1065.html" > https://errata.almalinux.org/8/ALSA-2022-1065.html< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9272.html" > https://linux.oracle.com/errata/ELSA-2022-9272.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" > https://nvd.nist.gov/vuln/detail/CVE-2022-0778< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" > https://rustsec.org/advisories/RUSTSEC-2022-0014.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220429-0005/" > https://security.netapp.com/advisory/ntap-20220429-0005/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com
2022-06-11 19:16:07 +00:00
| libcurl | CVE-2022-22576 | HIGH | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22576" > https://nvd.nist.gov/vuln/detail/CVE-2022-22576< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| libcurl | CVE-2022-27775 | HIGH | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://hackerone.com/reports/1546268" > https://hackerone.com/reports/1546268< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| libcurl | CVE-2022-27774 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://hackerone.com/reports/1543773" > https://hackerone.com/reports/1543773< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27776 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://hackerone.com/reports/1547048" > https://hackerone.com/reports/1547048< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| libfdisk | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| libmount | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| libsmartcols | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html" > http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json" > https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-0778" > https://access.redhat.com/security/cve/CVE-2022-0778< / a > < br > < a href = "https://crates.io/crates/openssl-src" > https://crates.io/crates/openssl-src< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-1065.html" > https://errata.almalinux.org/8/ALSA-2022-1065.html< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9272.html" > https://linux.oracle.com/errata/ELSA-2022-9272.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" > https://nvd.nist.gov/vuln/detail/CVE-2022-0778< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" > https://rustsec.org/advisories/RUSTSEC-2022-0014.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220429-0005/" > https://security.netapp.com/advisory/ntap-20220429-0005/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb
2022-04-03 16:31:59 +00:00
| libuuid | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-05-17 19:25:52 +00:00
| libxml2 | CVE-2022-23308 | HIGH | 2.9.12-r0 | 2.9.13-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/34" > http://seclists.org/fulldisclosure/2022/May/34< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/36" > http://seclists.org/fulldisclosure/2022/May/36< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/37" > http://seclists.org/fulldisclosure/2022/May/37< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-23308" > https://access.redhat.com/security/cve/CVE-2022-23308< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308< / a > < br > < a href = "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" > https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS" > https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-23308.html" > https://linux.oracle.com/cve/CVE-2022-23308.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0899.html" > https://linux.oracle.com/errata/ELSA-2022-0899.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23308" > https://nvd.nist.gov/vuln/detail/CVE-2022-23308< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0008/" > https://security.netapp.com/advisory/ntap-20220331-0008/< / a > < br > < a href = "https://support.apple.com/kb/HT213253" > https://support.apple.com/kb/HT213253< / a > < br > < a href = "https://support.apple.com/kb/HT213254" > https://support.apple.com/kb/HT213254< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://support.apple.com/kb/HT213258" > https://support.apple.com/kb/HT213258< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5324-1" > https://ubuntu.com/security/notices/USN-5324-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5422-1" > https://ubuntu.com/security/notices/USN-5422-1< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| libxml2 | CVE-2022-29824 | MEDIUM | 2.9.12-r0 | 2.9.14-r0 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html" > http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-29824" > https://access.redhat.com/security/cve/CVE-2022-29824< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14" > https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxslt/-/tags" > https://gitlab.gnome.org/GNOME/libxslt/-/tags< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-29824" > https://nvd.nist.gov/vuln/detail/CVE-2022-29824< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5422-1" > https://ubuntu.com/security/notices/USN-5422-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5142" > https://www.debian.org/security/2022/dsa-5142< / a > < br > < / details > |
2022-05-17 19:25:52 +00:00
| libxml2-utils | CVE-2022-23308 | HIGH | 2.9.12-r0 | 2.9.13-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/34" > http://seclists.org/fulldisclosure/2022/May/34< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/36" > http://seclists.org/fulldisclosure/2022/May/36< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/37" > http://seclists.org/fulldisclosure/2022/May/37< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-23308" > https://access.redhat.com/security/cve/CVE-2022-23308< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308< / a > < br > < a href = "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" > https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS" > https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-23308.html" > https://linux.oracle.com/cve/CVE-2022-23308.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0899.html" > https://linux.oracle.com/errata/ELSA-2022-0899.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23308" > https://nvd.nist.gov/vuln/detail/CVE-2022-23308< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0008/" > https://security.netapp.com/advisory/ntap-20220331-0008/< / a > < br > < a href = "https://support.apple.com/kb/HT213253" > https://support.apple.com/kb/HT213253< / a > < br > < a href = "https://support.apple.com/kb/HT213254" > https://support.apple.com/kb/HT213254< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://support.apple.com/kb/HT213258" > https://support.apple.com/kb/HT213258< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5324-1" > https://ubuntu.com/security/notices/USN-5324-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5422-1" > https://ubuntu.com/security/notices/USN-5422-1< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| libxml2-utils | CVE-2022-29824 | MEDIUM | 2.9.12-r0 | 2.9.14-r0 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html" > http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-29824" > https://access.redhat.com/security/cve/CVE-2022-29824< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14" > https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxslt/-/tags" > https://gitlab.gnome.org/GNOME/libxslt/-/tags< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-29824" > https://nvd.nist.gov/vuln/detail/CVE-2022-29824< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5422-1" > https://ubuntu.com/security/notices/USN-5422-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5142" > https://www.debian.org/security/2022/dsa-5142< / a > < br > < / details > |
2022-05-24 07:26:11 +00:00
| libxslt | CVE-2021-30560 | HIGH | 1.1.34-r0 | 1.1.35-r0 | < details > < summary > Expand...< / summary > < a href = "https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html" > https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html< / a > < br > < a href = "https://crbug.com/1219209" > https://crbug.com/1219209< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-30560" > https://nvd.nist.gov/vuln/detail/CVE-2021-30560< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| lsblk | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| mcookie | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| openssl-dev | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html" > http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json" > https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-0778" > https://access.redhat.com/security/cve/CVE-2022-0778< / a > < br > < a href = "https://crates.io/crates/openssl-src" > https://crates.io/crates/openssl-src< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-1065.html" > https://errata.almalinux.org/8/ALSA-2022-1065.html< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9272.html" > https://linux.oracle.com/errata/ELSA-2022-9272.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" > https://nvd.nist.gov/vuln/detail/CVE-2022-0778< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" > https://rustsec.org/advisories/RUSTSEC-2022-0014.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220429-0005/" > https://security.netapp.com/advisory/ntap-20220429-0005/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/
2022-04-03 16:31:59 +00:00
| setpriv | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| sfdisk | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| ssl_client | CVE-2022-28391 | CRITICAL | 1.31.1-r21 | 1.31.1-r22 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| util-linux | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| util-linux-dev | CVE-2022-0563 | MEDIUM | 2.37.3-r0 | 2.37.4-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| xz-libs | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-1537.html" > https://errata.almalinux.org/8/ALSA-2022-1537.html< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-1271.html" > https://linux.oracle.com/cve/CVE-2022-1271.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-4991.html" > https://linux.oracle.com/errata/ELSA-2022-4991.html< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-2201.html" > https://errata.almalinux.org/8/ALSA-2022-2201.html< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-2213.html" > https://linux.oracle.com/errata/ELSA-2022-2213.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220526-0009/" > https://security.netapp.com/advisory/ntap-20220526-0009/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a
| zlib-dev | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-2201.html" > https://errata.almalinux.org/8/ALSA-2022-2201.html< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-2213.html" > https://linux.oracle.com/errata/ELSA-2022-2213.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220526-0009/" > https://security.netapp.com/advisory/ntap-20220526-0009/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < b
2022-03-06 14:37:05 +00:00
**node-pkg**
2022-03-06 15:09:49 +00:00
2022-03-06 14:37:05 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-05 09:00:47 +00:00
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-3807" > https://access.redhat.com/security/cve/CVE-2021-3807< / a > < br > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://github.com/chalk/ansi-regex/releases/tag/v6.0.1" > https://github.com/chalk/ansi-regex/releases/tag/v6.0.1< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3807.html" > https://linux.oracle.com/cve/CVE-2021-3807.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < / details > |
| ansi-regex | CVE-2021-3807 | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-3807" > https://access.redhat.com/security/cve/CVE-2021-3807< / a > < br > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://github.com/chalk/ansi-regex/releases/tag/v6.0.1" > https://github.com/chalk/ansi-regex/releases/tag/v6.0.1< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3807.html" > https://linux.oracle.com/cve/CVE-2021-3807.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2022.html" > https://www.oracle.com/security-alerts/cpuapr2022.html< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| engine.io | CVE-2022-21676 | HIGH | 6.0.1 | 6.1.1, 5.2.1, 4.1.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-273r-mgr4-v34f" > https://github.com/advisories/GHSA-273r-mgr4-v34f< / a > < br > < a href = "https://github.com/socketio/engine.io/commit/66f889fc1d966bf5bfa0de1939069153643874ab" > https://github.com/socketio/engine.io/commit/66f889fc1d966bf5bfa0de1939069153643874ab< / a > < br > < a href = "https://github.com/socketio/engine.io/commit/a70800d7e96da32f6e6622804ef659ebc58659db" > https://github.com/socketio/engine.io/commit/a70800d7e96da32f6e6622804ef659ebc58659db< / a > < br > < a href = "https://github.com/socketio/engine.io/commit/c0e194d44933bd83bf9a4b126fca68ba7bf5098c" > https://github.com/socketio/engine.io/commit/c0e194d44933bd83bf9a4b126fca68ba7bf5098c< / a > < br > < a href = "https://github.com/socketio/engine.io/releases/tag/4.1.2" > https://github.com/socketio/engine.io/releases/tag/4.1.2< / a > < br > < a href = "https://github.com/socketio/engine.io/releases/tag/5.2.1" > https://github.com/socketio/engine.io/releases/tag/5.2.1< / a > < br > < a href = "https://github.com/socketio/engine.io/releases/tag/6.1.1" > https://github.com/socketio/engine.io/releases/tag/6.1.1< / a > < br > < a href = "https://github.com/socketio/engine.io/security/advisories/GHSA-273r-mgr4-v34f" > https://github.com/socketio/engine.io/security/advisories/GHSA-273r-mgr4-v34f< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-21676" > https://nvd.nist.gov/vuln/detail/CVE-2022-21676< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220209-0002/" > https://security.netapp.com/advisory/ntap-20220209-0002/< / a > < br > < / details > |
2022-03-06 14:37:05 +00:00
| fastify-multipart | CVE-2021-23597 | HIGH | 5.2.1 | 5.3.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-qh73-qc3p-rjv2" > https://github.com/advisories/GHSA-qh73-qc3p-rjv2< / a > < br > < a href = "https://github.com/fastify/fastify-multipart/commit/a70dc7059a794589bd4fe066453141fc609e6066" > https://github.com/fastify/fastify-multipart/commit/a70dc7059a794589bd4fe066453141fc609e6066< / a > < br > < a href = "https://github.com/fastify/fastify-multipart/pull/116" > https://github.com/fastify/fastify-multipart/pull/116< / a > < br > < a href = "https://github.com/fastify/fastify-multipart/releases/tag/v5.3.1" > https://github.com/fastify/fastify-multipart/releases/tag/v5.3.1< / a > < br > < a href = "https://github.com/fastify/fastify-multipart/security/advisories/GHSA-qh73-qc3p-rjv2" > https://github.com/fastify/fastify-multipart/security/advisories/GHSA-qh73-qc3p-rjv2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23597" > https://nvd.nist.gov/vuln/detail/CVE-2021-23597< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-2395480" > https://snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-2395480< / a > < br > < a href = "https://www.fastify.io/docs/latest/Guides/Prototype-Poisoning/" > https://www.fastify.io/docs/latest/Guides/Prototype-Poisoning/< / a > < br > < / details > |
2022-05-18 20:10:07 +00:00
| minimist | CVE-2021-44906 | CRITICAL | 0.0.10 | 1.2.6 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-44906" > https://access.redhat.com/security/cve/CVE-2021-44906< / a > < br > < a href = "https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip" > https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip< / a > < br > < a href = "https://github.com/advisories/GHSA-xvch-5gv4-984h" > https://github.com/advisories/GHSA-xvch-5gv4-984h< / a > < br > < a href = "https://github.com/substack/minimist/blob/master/index.js#L69" > https://github.com/substack/minimist/blob/master/index.js#L69< / a > < br > < a href = "https://github.com/substack/minimist/issues/164" > https://github.com/substack/minimist/issues/164< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" > https://nvd.nist.gov/vuln/detail/CVE-2021-44906< / a > < br > < a href = "https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068" > https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068< / a > < br > < / details > |
2022-05-17 08:50:16 +00:00
| minimist | CVE-2020-7598 | MEDIUM | 0.0.10 | 1.2.3, 0.2.1 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html" > http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-7598" > https://access.redhat.com/security/cve/CVE-2020-7598< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2020-2852.html" > https://errata.almalinux.org/8/ALSA-2020-2852.html< / a > < br > < a href = "https://github.com/advisories/GHSA-vh95-rmgr-6w4m" > https://github.com/advisories/GHSA-vh95-rmgr-6w4m< / a > < br > < a href = "https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab" > https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab< / a > < br > < a href = "https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95" > https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95< / a > < br > < a href = "https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94" > https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7598.html" > https://linux.oracle.com/cve/CVE-2020-7598.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-2852.html" > https://linux.oracle.com/errata/ELSA-2020-2852.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7598" > https://nvd.nist.gov/vuln/detail/CVE-2020-7598< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://www.npmjs.com/advisories/1179" > https://www.npmjs.com/advisories/1179< / a > < br > < / details > |
2022-05-18 20:10:07 +00:00
| minimist | CVE-2021-44906 | CRITICAL | 1.2.5 | 1.2.6 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-44906" > https://access.redhat.com/security/cve/CVE-2021-44906< / a > < br > < a href = "https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip" > https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip< / a > < br > < a href = "https://github.com/advisories/GHSA-xvch-5gv4-984h" > https://github.com/advisories/GHSA-xvch-5gv4-984h< / a > < br > < a href = "https://github.com/substack/minimist/blob/master/index.js#L69" > https://github.com/substack/minimist/blob/master/index.js#L69< / a > < br > < a href = "https://github.com/substack/minimist/issues/164" > https://github.com/substack/minimist/issues/164< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" > https://nvd.nist.gov/vuln/detail/CVE-2021-44906< / a > < br > < a href = "https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068" > https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068< / a > < br > < / details > |
2022-05-17 08:50:16 +00:00
| moment | CVE-2022-24785 | HIGH | 2.29.1 | 2.29.2 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-24785" > https://access.redhat.com/security/cve/CVE-2022-24785< / a > < br > < a href = "https://github.com/advisories/GHSA-8hfj-j24r-96c4" > https://github.com/advisories/GHSA-8hfj-j24r-96c4< / a > < br > < a href = "https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5" > https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5< / a > < br > < a href = "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4" > https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-24785" > https://nvd.nist.gov/vuln/detail/CVE-2022-24785< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220513-0006/" > https://security.netapp.com/advisory/ntap-20220513-0006/< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-09" > https://www.tenable.com/security/tns-2022-09< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| npm | CVE-2022-29244 | MEDIUM | 8.3.1 | 8.11.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-hj9c-8jmm-8c52" > https://github.com/advisories/GHSA-hj9c-8jmm-8c52< / a > < br > < a href = "https://github.com/nodejs/node/pull/43210" > https://github.com/nodejs/node/pull/43210< / a > < br > < a href = "https://github.com/nodejs/node/releases/tag/v16.15.1" > https://github.com/nodejs/node/releases/tag/v16.15.1< / a > < br > < a href = "https://github.com/nodejs/node/releases/tag/v17.9.1" > https://github.com/nodejs/node/releases/tag/v17.9.1< / a > < br > < a href = "https://github.com/nodejs/node/releases/tag/v18.3.0" > https://github.com/nodejs/node/releases/tag/v18.3.0< / a > < br > < a href = "https://github.com/npm/cli/releases/tag/v8.11.0" > https://github.com/npm/cli/releases/tag/v8.11.0< / a > < br > < a href = "https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52" > https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52< / a > < br > < a href = "https://github.com/npm/cli/tree/latest/workspaces/libnpmpack" > https://github.com/npm/cli/tree/latest/workspaces/libnpmpack< / a > < br > < a href = "https://github.com/npm/cli/tree/latest/workspaces/libnpmpublish" > https://github.com/npm/cli/tree/latest/workspaces/libnpmpublish< / a > < br > < a href = "https://github.com/npm/npm-packlist" > https://github.com/npm/npm-packlist< / a > < br > < / details > |
2022-03-06 14:37:05 +00:00
| put | GHSA-v6gv-fg46-h89j | LOW | 0.0.6 | | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-v6gv-fg46-h89j" > https://github.com/advisories/GHSA-v6gv-fg46-h89j< / a > < br > < a href = "https://hackerone.com/reports/321702" > https://hackerone.com/reports/321702< / a > < br > < a href = "https://www.npmjs.com/advisories/1007" > https://www.npmjs.com/advisories/1007< / a > < br > < / details > |
| put | NSWG-ECO-444 | LOW | 0.0.6 | | < details > < summary > Expand...< / summary > < a href = "https://hackerone.com/reports/321702" > https://hackerone.com/reports/321702< / a > < br > < / details > |
**python-pkg**
2022-03-06 15:09:49 +00:00
2022-03-06 14:37:05 +00:00
| No Vulnerabilities found |
|:---------------------------------|