2021-12-05 00:50:14 +00:00
---
hide:
- toc
---
2021-12-05 23:17:30 +00:00
# Security Overview
2021-12-04 20:11:45 +00:00
2021-12-05 00:50:14 +00:00
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
2021-12-04 20:11:45 +00:00
## Helm-Chart
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Chart Object: komga/templates/common.yaml
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-05 00:50:14 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-komga' of Deployment ' RELEASE-NAME-komga' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-komga' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-komga' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-komga' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-komga' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
2021-12-21 18:46:27 +00:00
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-komga' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
## Containers
##### Detected Containers
2022-03-26 15:30:42 +00:00
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
2022-05-31 20:26:49 +00:00
tccr.io/truecharts/komga:v0.154.2@sha256:725a3e55e1800e239ba28623a07d44f80377635d966ed96184abb4299d956fcb
2021-12-04 20:11:45 +00:00
##### Scan Results
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2021-12-05 00:50:14 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-10 21:17:41 +00:00
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-05-31 20:26:49 +00:00
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-31 20:26:49 +00:00
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-05-26 19:29:31 +00:00
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-2201.html" > https://errata.almalinux.org/8/ALSA-2022-2201.html< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-2213.html" > https://linux.oracle.com/errata/ELSA-2022-2213.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220526-0009/" > https://security.netapp.com/advisory/ntap-20220526-0009/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2022-02-06 17:25:51 +00:00
**alpine**
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-10 21:17:41 +00:00
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-05-31 20:26:49 +00:00
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-31 20:26:49 +00:00
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-05-26 19:29:31 +00:00
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-2201.html" > https://errata.almalinux.org/8/ALSA-2022-2201.html< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-2213.html" > https://linux.oracle.com/errata/ELSA-2022-2213.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220526-0009/" > https://security.netapp.com/advisory/ntap-20220526-0009/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a
2021-12-27 08:23:26 +00:00
2022-05-31 20:26:49 +00:00
#### Container: tccr.io/truecharts/komga:v0.154.2@sha256:725a3e55e1800e239ba28623a07d44f80377635d966ed96184abb4299d956fcb (ubuntu 22.04)
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**ubuntu**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-31 20:26:49 +00:00
| coreutils | CVE-2016-2781 | LOW | 8.32-4.1ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/oss-sec/2016/q1/452" > http://seclists.org/oss-sec/2016/q1/452< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2016/02/28/2" > http://www.openwall.com/lists/oss-security/2016/02/28/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2016/02/28/3" > http://www.openwall.com/lists/oss-security/2016/02/28/3< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2016-2781" > https://access.redhat.com/security/cve/CVE-2016-2781< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://lore.kernel.org/patchwork/patch/793178/" > https://lore.kernel.org/patchwork/patch/793178/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2016-2781" > https://nvd.nist.gov/vuln/detail/CVE-2016-2781< / a > < br > < / details > |
| dpkg | CVE-2022-1664 | MEDIUM | 1.21.1ubuntu2 | 1.21.1ubuntu2.1 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664< / a > < br > < a href = "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495" > https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495< / a > < br > < a href = "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5" > https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5< / a > < br > < a href = "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b" > https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b< / a > < br > < a href = "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be" > https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html< / a > < br > < a href = "https://lists.debian.org/debian-security-announce/2022/msg00115.html" > https://lists.debian.org/debian-security-announce/2022/msg00115.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5446-1" > https://ubuntu.com/security/notices/USN-5446-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5446-2" > https://ubuntu.com/security/notices/USN-5446-2< / a > < br > < / details > |
| e2fsprogs | CVE-2022-1304 | MEDIUM | 1.46.5-2ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1304" > https://access.redhat.com/security/cve/CVE-2022-1304< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2069726" > https://bugzilla.redhat.com/show_bug.cgi?id=2069726< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304< / a > < br > < a href = "https://marc.info/?l=linux-ext4&m=165056234501732&w=2" > https://marc.info/?l=linux-ext4& m=165056234501732& w=2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1304" > https://nvd.nist.gov/vuln/detail/CVE-2022-1304< / a > < br > < / details > |
| libcom-err2 | CVE-2022-1304 | MEDIUM | 1.46.5-2ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1304" > https://access.redhat.com/security/cve/CVE-2022-1304< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2069726" > https://bugzilla.redhat.com/show_bug.cgi?id=2069726< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304< / a > < br > < a href = "https://marc.info/?l=linux-ext4&m=165056234501732&w=2" > https://marc.info/?l=linux-ext4& m=165056234501732& w=2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1304" > https://nvd.nist.gov/vuln/detail/CVE-2022-1304< / a > < br > < / details > |
| libext2fs2 | CVE-2022-1304 | MEDIUM | 1.46.5-2ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1304" > https://access.redhat.com/security/cve/CVE-2022-1304< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2069726" > https://bugzilla.redhat.com/show_bug.cgi?id=2069726< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304< / a > < br > < a href = "https://marc.info/?l=linux-ext4&m=165056234501732&w=2" > https://marc.info/?l=linux-ext4& m=165056234501732& w=2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1304" > https://nvd.nist.gov/vuln/detail/CVE-2022-1304< / a > < br > < / details > |
| libfreetype6 | CVE-2022-27404 | MEDIUM | 2.11.1+dfsg-1build1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27404" > https://access.redhat.com/security/cve/CVE-2022-27404< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404< / a > < br > < a href = "https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db" > https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db< / a > < br > < a href = "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138" > https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27404" > https://nvd.nist.gov/vuln/detail/CVE-2022-27404< / a > < br > < / details > |
| libfreetype6 | CVE-2022-27405 | LOW | 2.11.1+dfsg-1build1 | | < details > < summary > Expand...< / summary > < a href = "http://freetype.com" > http://freetype.com< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-27405" > https://access.redhat.com/security/cve/CVE-2022-27405< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405< / a > < br > < a href = "https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5" > https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5< / a > < br > < a href = "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139" > https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27405" > https://nvd.nist.gov/vuln/detail/CVE-2022-27405< / a > < br > < / details > |
| libfreetype6 | CVE-2022-27406 | LOW | 2.11.1+dfsg-1build1 | | < details > < summary > Expand...< / summary > < a href = "http://freetype.com" > http://freetype.com< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-27406" > https://access.redhat.com/security/cve/CVE-2022-27406< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406< / a > < br > < a href = "https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2" > https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2< / a > < br > < a href = "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140" > https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27406" > https://nvd.nist.gov/vuln/detail/CVE-2022-27406< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5453-1" > https://ubuntu.com/security/notices/USN-5453-1< / a > < br > < / details > |
| libgmp10 | CVE-2021-43618 | LOW | 2:6.2.1+dfsg-3ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-43618" > https://access.redhat.com/security/cve/CVE-2021-43618< / a > < br > < a href = "https://bugs.debian.org/994405" > https://bugs.debian.org/994405< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618< / a > < br > < a href = "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html" > https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html< / a > < br > < a href = "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e" > https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html" > https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-43618" > https://nvd.nist.gov/vuln/detail/CVE-2021-43618< / a > < br > < / details > |
| libpcre2-8-0 | CVE-2022-1586 | LOW | 10.39-3build1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1586" > https://access.redhat.com/security/cve/CVE-2022-1586< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2077976," > https://bugzilla.redhat.com/show_bug.cgi?id=2077976,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586< / a > < br > < a href = "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a," > https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,< / a > < br > < a href = "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c" > https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1586" > https://nvd.nist.gov/vuln/detail/CVE-2022-1586< / a > < br > < / details > |
| libpcre2-8-0 | CVE-2022-1587 | LOW | 10.39-3build1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1587" > https://access.redhat.com/security/cve/CVE-2022-1587< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2077983," > https://bugzilla.redhat.com/show_bug.cgi?id=2077983,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587< / a > < br > < a href = "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0" > https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1587" > https://nvd.nist.gov/vuln/detail/CVE-2022-1587< / a > < br > < / details > |
| libpcre3 | CVE-2017-11164 | LOW | 2:8.39-13build5 | | < details > < summary > Expand...< / summary > < a href = "http://openwall.com/lists/oss-security/2017/07/11/3" > http://openwall.com/lists/oss-security/2017/07/11/3< / a > < br > < a href = "http://www.securityfocus.com/bid/99575" > http://www.securityfocus.com/bid/99575< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-11164" > https://access.redhat.com/security/cve/CVE-2017-11164< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < / details > |
| libpcre3 | CVE-2019-20838 | LOW | 2:8.39-13build5 | 2:8.39-13ubuntu0.22.04.1 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2020/Dec/32" > http://seclists.org/fulldisclosure/2020/Dec/32< / a > < br > < a href = "http://seclists.org/fulldisclosure/2021/Feb/14" > http://seclists.org/fulldisclosure/2021/Feb/14< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-20838" > https://access.redhat.com/security/cve/CVE-2019-20838< / a > < br > < a href = "https://bugs.gentoo.org/717920" > https://bugs.gentoo.org/717920< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2021-4373.html" > https://errata.almalinux.org/8/ALSA-2021-4373.html< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-20838.html" > https://linux.oracle.com/cve/CVE-2019-20838.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4373.html" > https://linux.oracle.com/errata/ELSA-2021-4373.html< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-20838" > https://nvd.nist.gov/vuln/detail/CVE-2019-20838< / a > < br > < a href = "https://support.apple.com/kb/HT211931" > https://support.apple.com/kb/HT211931< / a > < br > < a href = "https://support.apple.com/kb/HT212147" > https://support.apple.com/kb/HT212147< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5425-1" > https://ubuntu.com/security/notices/USN-5425-1< / a > < br > < a href = "https://www.pcre.org/original/changelog.txt" > https://www.pcre.org/original/changelog.txt< / a > < br > < / details > |
| libss2 | CVE-2022-1304 | MEDIUM | 1.46.5-2ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1304" > https://access.redhat.com/security/cve/CVE-2022-1304< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2069726" > https://bugzilla.redhat.com/show_bug.cgi?id=2069726< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304< / a > < br > < a href = "https://marc.info/?l=linux-ext4&m=165056234501732&w=2" > https://marc.info/?l=linux-ext4& m=165056234501732& w=2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1304" > https://nvd.nist.gov/vuln/detail/CVE-2022-1304< / a > < br > < / details > |
| login | CVE-2013-4235 | LOW | 1:4.8.1-2ubuntu2 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2013-4235" > https://access.redhat.com/security/cve/CVE-2013-4235< / a > < br > < a href = "https://access.redhat.com/security/cve/cve-2013-4235" > https://access.redhat.com/security/cve/cve-2013-4235< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2013-4235" > https://security-tracker.debian.org/tracker/CVE-2013-4235< / a > < br > < / details > |
| logsave | CVE-2022-1304 | MEDIUM | 1.46.5-2ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1304" > https://access.redhat.com/security/cve/CVE-2022-1304< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2069726" > https://bugzilla.redhat.com/show_bug.cgi?id=2069726< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304< / a > < br > < a href = "https://marc.info/?l=linux-ext4&m=165056234501732&w=2" > https://marc.info/?l=linux-ext4& m=165056234501732& w=2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1304" > https://nvd.nist.gov/vuln/detail/CVE-2022-1304< / a > < br > < / details > |
| passwd | CVE-2013-4235 | LOW | 1:4.8.1-2ubuntu2 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2013-4235" > https://access.redhat.com/security/cve/CVE-2013-4235< / a > < br > < a href = "https://access.redhat.com/security/cve/cve-2013-4235" > https://access.redhat.com/security/cve/cve-2013-4235< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235< / a > < br > < a href = "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" > https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2013-4235" > https://security-tracker.debian.org/tracker/CVE-2013-4235< / a > < br > < / details > |
| perl-base | CVE-2020-16156 | MEDIUM | 5.34.0-3ubuntu1 | | < details > < summary > Expand...< / summary > < a href = "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html" > http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-16156" > https://access.redhat.com/security/cve/CVE-2020-16156< / a > < br > < a href = "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/" > https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/< / a > < br > < a href = "https://metacpan.org/pod/distribution/CPAN/scripts/cpan" > https://metacpan.org/pod/distribution/CPAN/scripts/cpan< / a > < br > < / details > |
| tar | CVE-2019-9923 | LOW | 1.34+dfsg-1build3 | | < details > < summary > Expand...< / summary > < a href = "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120" > http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html" > http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html< / a > < br > < a href = "http://savannah.gnu.org/bugs/?55369" > http://savannah.gnu.org/bugs/?55369< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-9923" > https://access.redhat.com/security/cve/CVE-2019-9923< / a > < br > < a href = "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241" > https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923< / a > < br > < a href = "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4692-1" > https://ubuntu.com/security/notices/USN-4692-1< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
2021-12-04 20:11:45 +00:00
**jar**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-18 20:10:07 +00:00
| io.netty:netty-codec-http | CVE-2022-24823 | MEDIUM | 4.1.75.Final | 4.1.77.Final | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-24823" > https://access.redhat.com/security/cve/CVE-2022-24823< / a > < br > < a href = "https://github.com/advisories/GHSA-269q-hmxg-m83q" > https://github.com/advisories/GHSA-269q-hmxg-m83q< / a > < br > < a href = "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1" > https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1< / a > < br > < a href = "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q" > https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q< / a > < br > < a href = "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2" > https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-24823" > https://nvd.nist.gov/vuln/detail/CVE-2022-24823< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| org.apache.activemq:artemis-commons | CVE-2022-23913 | HIGH | 2.17.0 | 2.19.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-23913" > https://access.redhat.com/security/cve/CVE-2022-23913< / a > < br > < a href = "https://github.com/advisories/GHSA-pr38-qpxm-g88x" > https://github.com/advisories/GHSA-pr38-qpxm-g88x< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3862" > https://github.com/apache/activemq-artemis/pull/3862< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7" > https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3871" > https://github.com/apache/activemq-artemis/pull/3871< / a > < br > < a href = "https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82" > https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82< / a > < br > < a href = "https://github.com/github/codeql-java-CVE-coverage/issues/1061" > https://github.com/github/codeql-java-CVE-coverage/issues/1061< / a > < br > < a href = "https://issues.apache.org/jira/browse/ARTEMIS-3593" > https://issues.apache.org/jira/browse/ARTEMIS-3593< / a > < br > < a href = "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2" > https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23913" > https://nvd.nist.gov/vuln/detail/CVE-2022-23913< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220303-0003/" > https://security.netapp.com/advisory/ntap-20220303-0003/< / a > < br > < / details > |
2022-02-10 16:28:00 +00:00
| org.apache.activemq:artemis-server | CVE-2020-13947 | MEDIUM | 2.17.0 | | < details > < summary > Expand...< / summary > < a href = "http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt" > http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt< / a > < br > < a href = "https://github.com/advisories/GHSA-66gw-ch5v-74v8" > https://github.com/advisories/GHSA-66gw-ch5v-74v8< / a > < br > < a href = "https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E" > https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E" > https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E" > https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-13947" > https://nvd.nist.gov/vuln/detail/CVE-2020-13947< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| org.jgroups:jgroups | CVE-2016-2141 | CRITICAL | 3.6.13.Final | 4.0 | < details > < summary > Expand...< / summary > < a href = "http://rhn.redhat.com/errata/RHSA-2016-1435.html" > http://rhn.redhat.com/errata/RHSA-2016-1435.html< / a > < br > < a href = "http://rhn.redhat.com/errata/RHSA-2016-1439.html" > http://rhn.redhat.com/errata/RHSA-2016-1439.html< / a > < br > < a href = "http://rhn.redhat.com/errata/RHSA-2016-2035.html" > http://rhn.redhat.com/errata/RHSA-2016-2035.html< / a > < br > < a href = "http://www.securityfocus.com/bid/91481" > http://www.securityfocus.com/bid/91481< / a > < br > < a href = "http://www.securitytracker.com/id/1036165" > http://www.securitytracker.com/id/1036165< / a > < br > < a href = "https://access.redhat.com/articles/2360521" > https://access.redhat.com/articles/2360521< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1345" > https://access.redhat.com/errata/RHSA-2016:1345< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1346" > https://access.redhat.com/errata/RHSA-2016:1346< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1347" > https://access.redhat.com/errata/RHSA-2016:1347< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1374" > https://access.redhat.com/errata/RHSA-2016:1374< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1376" > https://access.redhat.com/errata/RHSA-2016:1376< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1389" > https://access.redhat.com/errata/RHSA-2016:1389< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1432" > https://access.redhat.com/errata/RHSA-2016:1432< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1433" > https://access.redhat.com/errata/RHSA-2016:1433< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2016:1434" > https://access.redhat.com/errata/RHSA-2016:1434< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2016-2141" > https://access.redhat.com/security/cve/CVE-2016-2141< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1313589" > https://bugzilla.redhat.com/show_bug.cgi?id=1313589< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2141" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2141< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2141" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2141< / a > < br > < a href = "https://issues.jboss.org/browse/JGRP-2021" > https://issues.jboss.org/browse/JGRP-2021< / a > < br > < a href = "https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E" > https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E" > https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1328.html" > https://rhn.redhat.com/errata/RHSA-2016-1328.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1329.html" > https://rhn.redhat.com/errata/RHSA-2016-1329.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1330.html" > https://rhn.redhat.com/errata/RHSA-2016-1330.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1331.html" > https://rhn.redhat.com/errata/RHSA-2016-1331.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1332.html" > https://rhn.redhat.com/errata/RHSA-2016-1332.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1333.html" > https://rhn.redhat.com/errata/RHSA-2016-1333.html< / a > < br > < a href = "https://rhn.redhat.com/errata/RHSA-2016-1334.html" > https://rhn.redhat.com/errata/RHSA-2016-1334.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" > https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html< / a > < br > < / details > |
2022-05-26 10:35:17 +00:00
| org.springframework.security:spring-security-core | CVE-2022-22978 | HIGH | 5.5.5 | 5.6.4, 5.5.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22978" > https://access.redhat.com/security/cve/CVE-2022-22978< / a > < br > < a href = "https://github.com/advisories/GHSA-hh32-7344-cg2f" > https://github.com/advisories/GHSA-hh32-7344-cg2f< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22978" > https://nvd.nist.gov/vuln/detail/CVE-2022-22978< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22978" > https://tanzu.vmware.com/security/cve-2022-22978< / a > < br > < / details > |
| org.springframework.security:spring-security-core | CVE-2022-22976 | MEDIUM | 5.5.5 | 5.6.4, 5.5.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22976" > https://access.redhat.com/security/cve/CVE-2022-22976< / a > < br > < a href = "https://github.com/advisories/GHSA-wx54-3278-m5g4" > https://github.com/advisories/GHSA-wx54-3278-m5g4< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22976" > https://nvd.nist.gov/vuln/detail/CVE-2022-22976< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22976" > https://tanzu.vmware.com/security/cve-2022-22976< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2022-22970 | HIGH | 5.3.18 | 5.3.20, 5.2.22.RELEASE | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22970" > https://access.redhat.com/security/cve/CVE-2022-22970< / a > < br > < a href = "https://github.com/advisories/GHSA-hh26-6xwr-ggv7" > https://github.com/advisories/GHSA-hh26-6xwr-ggv7< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22970" > https://nvd.nist.gov/vuln/detail/CVE-2022-22970< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22970" > https://tanzu.vmware.com/security/cve-2022-22970< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2022-22971 | MEDIUM | 5.3.18 | 5.2.22.RELEASE, 5.3.20 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22971" > https://access.redhat.com/security/cve/CVE-2022-22971< / a > < br > < a href = "https://github.com/advisories/GHSA-rqph-vqwm-22vc" > https://github.com/advisories/GHSA-rqph-vqwm-22vc< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22971" > https://nvd.nist.gov/vuln/detail/CVE-2022-22971< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22971" > https://tanzu.vmware.com/security/cve-2022-22971< / a > < br > < / details > |
2022-04-26 20:05:48 +00:00
| org.springframework:spring-core | CVE-2022-22968 | LOW | 5.3.18 | 5.2.21, 5.3.19 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22968" > https://access.redhat.com/security/cve/CVE-2022-22968< / a > < br > < a href = "https://github.com/advisories/GHSA-g5mm-vmx4-3rg7" > https://github.com/advisories/GHSA-g5mm-vmx4-3rg7< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22968" > https://nvd.nist.gov/vuln/detail/CVE-2022-22968< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22968" > https://tanzu.vmware.com/security/cve-2022-22968< / a > < br > < / details > |