2021-12-05 00:50:14 +00:00
---
hide:
- toc
---
2021-12-05 23:17:30 +00:00
# Security Overview
2021-12-04 20:11:45 +00:00
2021-12-05 00:50:14 +00:00
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
2021-12-04 20:11:45 +00:00
## Helm-Chart
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Chart Object: komga/templates/common.yaml
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-05 00:50:14 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-komga' of Deployment ' RELEASE-NAME-komga' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-komga' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-komga' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-komga' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
2021-12-21 18:46:27 +00:00
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-komga' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
## Containers
##### Detected Containers
2022-03-26 15:30:42 +00:00
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
2022-03-15 15:31:02 +00:00
tccr.io/truecharts/komga:v0.153.1@sha256:4c6a79a3c63d87631ecf9237d5857e0ef0fb7c8b80b9a26f5f483aeccb9abb15
2021-12-04 20:11:45 +00:00
##### Scan Results
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2021-12-05 00:50:14 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2022-03-26 15:30:42 +00:00
| No Vulnerabilities found |
|:---------------------------------|
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2022-02-06 17:25:51 +00:00
**alpine**
2022-03-26 15:30:42 +00:00
| No Vulnerabilities found |
|:---------------------------------|
2021-12-27 08:23:26 +00:00
2022-03-15 15:31:02 +00:00
#### Container: tccr.io/truecharts/komga:v0.153.1@sha256:4c6a79a3c63d87631ecf9237d5857e0ef0fb7c8b80b9a26f5f483aeccb9abb15 (ubuntu 20.04)
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**ubuntu**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2021-12-27 08:23:26 +00:00
| bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html" > http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276< / a > < br > < a href = "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff" > https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-18276.html" > https://linux.oracle.com/cve/CVE-2019-18276.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-1679.html" > https://linux.oracle.com/errata/ELSA-2021-1679.html< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://security.gentoo.org/glsa/202105-34" > https://security.gentoo.org/glsa/202105-34< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200430-0003/" > https://security.netapp.com/advisory/ntap-20200430-0003/< / a > < br > < a href = "https://www.youtube.com/watch?v=-wGtxJ8opa8" > https://www.youtube.com/watch?v=-wGtxJ8opa8< / a > < br > < / details > |
| coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/oss-sec/2016/q1/452" > http://seclists.org/oss-sec/2016/q1/452< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2016/02/28/2" > http://www.openwall.com/lists/oss-security/2016/02/28/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2016/02/28/3" > http://www.openwall.com/lists/oss-security/2016/02/28/3< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://lore.kernel.org/patchwork/patch/793178/" > https://lore.kernel.org/patchwork/patch/793178/< / a > < br > < / details > |
| libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
2022-03-15 15:31:02 +00:00
| libexpat1 | CVE-2022-25313 | MEDIUM | 2.2.9-1ubuntu0.2 | 2.2.9-1ubuntu0.4 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/558" > https://github.com/libexpat/libexpat/pull/558< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5320-1" > https://ubuntu.com/security/notices/USN-5320-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < / details > |
| libexpat1 | CVE-2022-25314 | MEDIUM | 2.2.9-1ubuntu0.2 | 2.2.9-1ubuntu0.4 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/560" > https://github.com/libexpat/libexpat/pull/560< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5320-1" > https://ubuntu.com/security/notices/USN-5320-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
| libexpat1 | CVE-2022-25315 | MEDIUM | 2.2.9-1ubuntu0.2 | 2.2.9-1ubuntu0.4 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/02/19/1" > http://www.openwall.com/lists/oss-security/2022/02/19/1< / a > < br > < a href = "https://blog.hartwork.org/posts/expat-2-4-5-released/" > https://blog.hartwork.org/posts/expat-2-4-5-released/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315< / a > < br > < a href = "https://github.com/libexpat/libexpat/pull/559" > https://github.com/libexpat/libexpat/pull/559< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-25315.html" > https://linux.oracle.com/cve/CVE-2022-25315.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0951.html" > https://linux.oracle.com/errata/ELSA-2022-0951.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0008/" > https://security.netapp.com/advisory/ntap-20220303-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5320-1" > https://ubuntu.com/security/notices/USN-5320-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5085" > https://www.debian.org/security/2022/dsa-5085< / a > < br > < / details > |
2021-12-27 08:23:26 +00:00
| libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | | < details > < summary > Expand...< / summary > < a href = "https://bugs.debian.org/994405" > https://bugs.debian.org/994405< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618< / a > < br > < a href = "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html" > https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html< / a > < br > < a href = "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e" > https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html" > https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html< / a > < br > < / details > |
| libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222< / a > < br > < a href = "https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562" > https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562< / a > < br > < a href = "https://github.com/krb5/krb5/releases" > https://github.com/krb5/krb5/releases< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36222.html" > https://linux.oracle.com/cve/CVE-2021-36222.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3576.html" > https://linux.oracle.com/errata/ELSA-2021-3576.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211022-0003/" > https://security.netapp.com/advisory/ntap-20211022-0003/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211104-0007/" > https://security.netapp.com/advisory/ntap-20211104-0007/< / a > < br > < a href = "https://web.mit.edu/kerberos/advisories/" > https://web.mit.edu/kerberos/advisories/< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-4944" > https://www.debian.org/security/2021/dsa-4944< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709< / a > < br > < a href = "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" > https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < / details > |
| libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
| libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
| libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
| libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
| libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
| libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222< / a > < br > < a href = "https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562" > https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562< / a > < br > < a href = "https://github.com/krb5/krb5/releases" > https://github.com/krb5/krb5/releases< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36222.html" > https://linux.oracle.com/cve/CVE-2021-36222.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3576.html" > https://linux.oracle.com/errata/ELSA-2021-3576.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211022-0003/" > https://security.netapp.com/advisory/ntap-20211022-0003/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211104-0007/" > https://security.netapp.com/advisory/ntap-20211104-0007/< / a > < br > < a href = "https://web.mit.edu/kerberos/advisories/" > https://web.mit.edu/kerberos/advisories/< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-4944" > https://www.debian.org/security/2021/dsa-4944< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709< / a > < br > < a href = "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" > https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < / details > |
| libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
| libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222< / a > < br > < a href = "https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562" > https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562< / a > < br > < a href = "https://github.com/krb5/krb5/releases" > https://github.com/krb5/krb5/releases< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36222.html" > https://linux.oracle.com/cve/CVE-2021-36222.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3576.html" > https://linux.oracle.com/errata/ELSA-2021-3576.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211022-0003/" > https://security.netapp.com/advisory/ntap-20211022-0003/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211104-0007/" > https://security.netapp.com/advisory/ntap-20211104-0007/< / a > < br > < a href = "https://web.mit.edu/kerberos/advisories/" > https://web.mit.edu/kerberos/advisories/< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-4944" > https://www.debian.org/security/2021/dsa-4944< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709< / a > < br > < a href = "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" > https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < / details > |
| libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222< / a > < br > < a href = "https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562" > https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562< / a > < br > < a href = "https://github.com/krb5/krb5/releases" > https://github.com/krb5/krb5/releases< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36222.html" > https://linux.oracle.com/cve/CVE-2021-36222.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3576.html" > https://linux.oracle.com/errata/ELSA-2021-3576.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211022-0003/" > https://security.netapp.com/advisory/ntap-20211022-0003/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211104-0007/" > https://security.netapp.com/advisory/ntap-20211104-0007/< / a > < br > < a href = "https://web.mit.edu/kerberos/advisories/" > https://web.mit.edu/kerberos/advisories/< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-4944" > https://www.debian.org/security/2021/dsa-4944< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709< / a > < br > < a href = "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" > https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < / details > |
| libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | | < details > < summary > Expand...< / summary > < a href = "http://openwall.com/lists/oss-security/2017/07/11/3" > http://openwall.com/lists/oss-security/2017/07/11/3< / a > < br > < a href = "http://www.securityfocus.com/bid/99575" > http://www.securityfocus.com/bid/99575< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < / details > |
| libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2020/Dec/32" > http://seclists.org/fulldisclosure/2020/Dec/32< / a > < br > < a href = "http://seclists.org/fulldisclosure/2021/Feb/14" > http://seclists.org/fulldisclosure/2021/Feb/14< / a > < br > < a href = "https://bugs.gentoo.org/717920" > https://bugs.gentoo.org/717920< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-20838.html" > https://linux.oracle.com/cve/CVE-2019-20838.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4373.html" > https://linux.oracle.com/errata/ELSA-2021-4373.html< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://support.apple.com/kb/HT211931" > https://support.apple.com/kb/HT211931< / a > < br > < a href = "https://support.apple.com/kb/HT212147" > https://support.apple.com/kb/HT212147< / a > < br > < a href = "https://www.pcre.org/original/changelog.txt" > https://www.pcre.org/original/changelog.txt< / a > < br > < / details > |
| libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2020/Dec/32" > http://seclists.org/fulldisclosure/2020/Dec/32< / a > < br > < a href = "http://seclists.org/fulldisclosure/2021/Feb/14" > http://seclists.org/fulldisclosure/2021/Feb/14< / a > < br > < a href = "https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/" > https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/< / a > < br > < a href = "https://bugs.gentoo.org/717920" > https://bugs.gentoo.org/717920< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-14155.html" > https://linux.oracle.com/cve/CVE-2020-14155.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4373.html" > https://linux.oracle.com/errata/ELSA-2021-4373.html< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://support.apple.com/kb/HT211931" > https://support.apple.com/kb/HT211931< / a > < br > < a href = "https://support.apple.com/kb/HT212147" > https://support.apple.com/kb/HT212147< / a > < br > < a href = "https://www.pcre.org/original/changelog.txt" > https://www.pcre.org/original/changelog.txt< / a > < br > < / details > |
| libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
2022-01-31 21:41:01 +00:00
| libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | | < details > < summary > Expand...< / summary > < a href = "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065" > https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084< / a > < br > < a href = "https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3" > https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3< / a > < br > < a href = "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml" > https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36084.html" > https://linux.oracle.com/cve/CVE-2021-36084.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4513.html" > https://linux.oracle.com/errata/ELSA-2021-4513.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/< / a > < br > < / details > |
| libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | | < details > < summary > Expand...< / summary > < a href = "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124" > https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085< / a > < br > < a href = "https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba" > https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba< / a > < br > < a href = "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml" > https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36085.html" > https://linux.oracle.com/cve/CVE-2021-36085.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4513.html" > https://linux.oracle.com/errata/ELSA-2021-4513.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/< / a > < br > < / details > |
| libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | | < details > < summary > Expand...< / summary > < a href = "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177" > https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086< / a > < br > < a href = "https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8" > https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8< / a > < br > < a href = "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml" > https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36086.html" > https://linux.oracle.com/cve/CVE-2021-36086.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4513.html" > https://linux.oracle.com/errata/ELSA-2021-4513.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/< / a > < br > < / details > |
| libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | | < details > < summary > Expand...< / summary > < a href = "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675" > https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087< / a > < br > < a href = "https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521" > https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521< / a > < br > < a href = "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml" > https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-36087.html" > https://linux.oracle.com/cve/CVE-2021-36087.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4513.html" > https://linux.oracle.com/errata/ELSA-2021-4513.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/< / a > < br > < a href = "https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/" > https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/< / a > < br > < / details > |
2021-12-27 08:23:26 +00:00
| libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://support.apple.com/HT211168" > https://support.apple.com/HT211168< / a > < br > < a href = "https://support.apple.com/HT211170" > https://support.apple.com/HT211170< / a > < br > < a href = "https://support.apple.com/HT211171" > https://support.apple.com/HT211171< / a > < br > < a href = "https://support.apple.com/HT211175" > https://support.apple.com/HT211175< / a > < br > < a href = "https://support.apple.com/HT211178" > https://support.apple.com/HT211178< / a > < br > < a href = "https://support.apple.com/HT211179" > https://support.apple.com/HT211179< / a > < br > < a href = "https://support.apple.com/HT211181" > https://support.apple.com/HT211181< / a > < br > < a href = "https://vuldb.com/?id.155768" > https://vuldb.com/?id.155768< / a > < br > < / details > |
| libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2020/Dec/32" > http://seclists.org/fulldisclosure/2020/Dec/32< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://support.apple.com/en-us/HT211843" > https://support.apple.com/en-us/HT211843< / a > < br > < a href = "https://support.apple.com/en-us/HT211844" > https://support.apple.com/en-us/HT211844< / a > < br > < a href = "https://support.apple.com/en-us/HT211850" > https://support.apple.com/en-us/HT211850< / a > < br > < a href = "https://support.apple.com/en-us/HT211931" > https://support.apple.com/en-us/HT211931< / a > < br > < a href = "https://support.apple.com/en-us/HT211935" > https://support.apple.com/en-us/HT211935< / a > < br > < a href = "https://support.apple.com/en-us/HT211952" > https://support.apple.com/en-us/HT211952< / a > < br > < a href = "https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/" > https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/< / a > < br > < / details > |
| libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2020/Dec/32" > http://seclists.org/fulldisclosure/2020/Dec/32< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://support.apple.com/en-us/HT211843" > https://support.apple.com/en-us/HT211843< / a > < br > < a href = "https://support.apple.com/en-us/HT211844" > https://support.apple.com/en-us/HT211844< / a > < br > < a href = "https://support.apple.com/en-us/HT211847" > https://support.apple.com/en-us/HT211847< / a > < br > < a href = "https://support.apple.com/en-us/HT211850" > https://support.apple.com/en-us/HT211850< / a > < br > < a href = "https://support.apple.com/en-us/HT211931" > https://support.apple.com/en-us/HT211931< / a > < br > < a href = "https://support.apple.com/kb/HT211846" > https://support.apple.com/kb/HT211846< / a > < br > < a href = "https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/" > https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/< / a > < br > < / details > |
2022-02-08 17:15:24 +00:00
| libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.sqlite.org/forum/forumpost/718c0a8d17" > https://www.sqlite.org/forum/forumpost/718c0a8d17< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
| libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1f-1ubuntu2.10 | 1.1.1f-1ubuntu2.12 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9246.html" > https://linux.oracle.com/errata/ELSA-2022-9246.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-1" > https://ubuntu.com/security/notices/USN-5328-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-2" > https://ubuntu.com/security/notices/USN-5328-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5103" > https://www.debian.org/security/2022/dsa-5103< / a > < br > < a href = "https://www.openssl.org/news/secadv/20220315.txt" > https://www.openssl.org/news/secadv/20220315.txt< / a > < br > < / details > |
2021-12-27 08:23:26 +00:00
| libtasn1-6 | CVE-2018-1000654 | LOW | 4.16.0-2 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html" > http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html" > http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html< / a > < br > < a href = "http://www.securityfocus.com/bid/105151" > http://www.securityfocus.com/bid/105151< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654< / a > < br > < a href = "https://gitlab.com/gnutls/libtasn1/issues/4" > https://gitlab.com/gnutls/libtasn1/issues/4< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < / details > |
| libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," > https://bugzilla.redhat.com/show_bug.cgi?id=2013080,< / a > < br > < a href = "https://bugzilla.samba.org/show_bug.cgi?id=14770," > https://bugzilla.samba.org/show_bug.cgi?id=14770,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671< / a > < br > < a href = "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" > https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5142-1" > https://ubuntu.com/security/notices/USN-5142-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5174-1" > https://ubuntu.com/security/notices/USN-5174-1< / a > < br > < / details > |
| login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2013-4235" > https://access.redhat.com/security/cve/cve-2013-4235< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2013-4235" > https://security-tracker.debian.org/tracker/CVE-2013-4235< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
| openssl | CVE-2022-0778 | HIGH | 1.1.1f-1ubuntu2.10 | 1.1.1f-1ubuntu2.12 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9246.html" > https://linux.oracle.com/errata/ELSA-2022-9246.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-1" > https://ubuntu.com/security/notices/USN-5328-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-2" > https://ubuntu.com/security/notices/USN-5328-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5103" > https://www.debian.org/security/2022/dsa-5103< / a > < br > < a href = "https://www.openssl.org/news/secadv/20220315.txt" > https://www.openssl.org/news/secadv/20220315.txt< / a > < br > < / details > |
2021-12-27 08:23:26 +00:00
| passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2013-4235" > https://access.redhat.com/security/cve/cve-2013-4235< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2013-4235" > https://security-tracker.debian.org/tracker/CVE-2013-4235< / a > < br > < / details > |
2022-01-13 00:08:34 +00:00
| perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | | < details > < summary > Expand...< / summary > < a href = "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html" > http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html< / a > < br > < a href = "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/" > https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156< / a > < br > < a href = "https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c" > https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/< / a > < br > < a href = "https://metacpan.org/pod/distribution/CPAN/scripts/cpan" > https://metacpan.org/pod/distribution/CPAN/scripts/cpan< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
| tar | CVE-2021-20193 | LOW | 1.30+dfsg-7ubuntu0.20.04.1 | 1.30+dfsg-7ubuntu0.20.04.2 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1917565" > https://bugzilla.redhat.com/show_bug.cgi?id=1917565< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193< / a > < br > < a href = "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777" > https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777< / a > < br > < a href = "https://savannah.gnu.org/bugs/?59897" > https://savannah.gnu.org/bugs/?59897< / a > < br > < a href = "https://security.gentoo.org/glsa/202105-29" > https://security.gentoo.org/glsa/202105-29< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5329-1" > https://ubuntu.com/security/notices/USN-5329-1< / a > < br > < / details > |
| zlib1g | CVE-2018-25032 | MEDIUM | 1:1.2.11.dfsg-2ubuntu1.2 | | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
2021-12-04 20:11:45 +00:00
**jar**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-03-26 15:30:42 +00:00
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-36518 | HIGH | 2.12.6 | 2.13.2.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b" > https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2816" > https://github.com/FasterXML/jackson-databind/issues/2816< / a > < br > < a href = "https://github.com/advisories/GHSA-57j2-w4cx-62h2" > https://github.com/advisories/GHSA-57j2-w4cx-62h2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-36518" > https://nvd.nist.gov/vuln/detail/CVE-2020-36518< / a > < br > < / details > |
2022-02-03 18:31:19 +00:00
| com.github.junrar:junrar | CVE-2022-23596 | HIGH | 7.4.0 | 7.4.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-m6cj-93v6-cvr5" > https://github.com/advisories/GHSA-m6cj-93v6-cvr5< / a > < br > < a href = "https://github.com/junrar/junrar/commit/7b16b3d90b91445fd6af0adfed22c07413d4fab7" > https://github.com/junrar/junrar/commit/7b16b3d90b91445fd6af0adfed22c07413d4fab7< / a > < br > < a href = "https://github.com/junrar/junrar/issues/73" > https://github.com/junrar/junrar/issues/73< / a > < br > < a href = "https://github.com/junrar/junrar/security/advisories/GHSA-m6cj-93v6-cvr5" > https://github.com/junrar/junrar/security/advisories/GHSA-m6cj-93v6-cvr5< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23596" > https://nvd.nist.gov/vuln/detail/CVE-2022-23596< / a > < br > < / details > |
2022-03-03 23:48:12 +00:00
| org.apache.activemq:artemis-commons | CVE-2022-23913 | HIGH | 2.17.0 | 2.19.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-pr38-qpxm-g88x" > https://github.com/advisories/GHSA-pr38-qpxm-g88x< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3862" > https://github.com/apache/activemq-artemis/pull/3862< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7" > https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3871" > https://github.com/apache/activemq-artemis/pull/3871< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82" > https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82< / a > < br > < a href = "https://issues.apache.org/jira/browse/ARTEMIS-3593" > https://issues.apache.org/jira/browse/ARTEMIS-3593< / a > < br > < a href = "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2" > https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23913" > https://nvd.nist.gov/vuln/detail/CVE-2022-23913< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0003/" > https://security.netapp.com/advisory/ntap-20220303-0003/< / a > < br > < / details > |
2022-02-10 16:28:00 +00:00
| org.apache.activemq:artemis-server | CVE-2020-13947 | MEDIUM | 2.17.0 | | < details > < summary > Expand...< / summary > < a href = "http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt" > http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt< / a > < br > < a href = "https://github.com/advisories/GHSA-66gw-ch5v-74v8" > https://github.com/advisories/GHSA-66gw-ch5v-74v8< / a > < br > < a href = "https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E" > https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E" > https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E" > https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-13947" > https://nvd.nist.gov/vuln/detail/CVE-2020-13947< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| org.jgroups:jgroups | CVE-2016-2141 | CRITICAL | 3.6.13.Final | 4.0 | < details > < summary > Expand...< / summary > < a href = "http://rhn.redhat.com/errata/RHSA-2016-1435.html" > http://rhn.redhat.com/errata/RHSA-2016-1435.html< / a > < br > < a href = "http://rhn.redhat.com/errata/RHSA-2016-1439.html" > http://rhn.redhat.com/errata/RHSA-2016-1439.html< / a > < br > < a href = "http://rhn.redhat.com/errata/RHSA-2016-2035.html" > http://rhn.redhat.com/errata/RHSA-2016-2035.html< / a > < br > < a href = "http://www.securityfocus.com/bid/91481" > http://www.securityfocus.com/bid/91481< / a > < br > < a href = "http://www.securitytracker.com/id/1036165" > http://www.securitytracker.com/id/1036165< / a > < br > < a href = "https://access.redhat.com/articles/2360521" > https://access.redhat.com/articles/2360521< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1345" > https://access.redhat.com/errata/RHSA-2016:1345< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1346" > https://access.redhat.com/errata/RHSA-2016:1346< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1347" > https://access.redhat.com/errata/RHSA-2016:1347< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1374" > https://access.redhat.com/errata/RHSA-2016:1374< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1376" > https://access.redhat.com/errata/RHSA-2016:1376< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1389" > https://access.redhat.com/errata/RHSA-2016:1389< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1432" > https://access.redhat.com/errata/RHSA-2016:1432< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1433" > https://access.redhat.com/errata/RHSA-2016:1433< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1434" > https://access.redhat.com/errata/RHSA-2016:1434< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1313589" > https://bugzilla.redhat.com/show_bug.cgi?id=1313589< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2141" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2141< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2141" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2141< / a > < br > < a href = "https://issues.jboss.org/browse/JGRP-2021" > https://issues.jboss.org/browse/JGRP-2021< / a > < br > < a href = "https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E" > https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E" > https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1328.html" > https://rhn.redhat.com/errata/RHSA-2016-1328.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1329.html" > https://rhn.redhat.com/errata/RHSA-2016-1329.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1330.html" > https://rhn.redhat.com/errata/RHSA-2016-1330.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1331.html" > https://rhn.redhat.com/errata/RHSA-2016-1331.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1332.html" > https://rhn.redhat.com/errata/RHSA-2016-1332.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1333.html" > https://rhn.redhat.com/errata/RHSA-2016-1333.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1334.html" > https://rhn.redhat.com/errata/RHSA-2016-1334.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" > https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html< / a > < br > < / details > |