2021-12-05 00:50:14 +00:00
---
hide:
- toc
---
2021-12-05 23:17:30 +00:00
# Security Overview
2021-12-04 20:11:45 +00:00
2021-12-05 00:50:14 +00:00
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
2021-12-04 20:11:45 +00:00
## Helm-Chart
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Chart Object: pixapop/templates/common.yaml
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-05 00:50:14 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-pixapop' of Deployment ' RELEASE-NAME-pixapop' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-pixapop' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-pixapop' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-pixapop' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-pixapop' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-pixapop' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-pixapop' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-pixapop' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
## Containers
##### Detected Containers
2022-02-06 17:25:51 +00:00
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
2021-12-04 20:11:45 +00:00
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/pixapop:v1.2-ls15@sha256:6a05383524fcd51b0b692d508dd16ed6948337aa272677e01baa6d8ba119c070
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2021-12-28 15:32:09 +00:00
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
2022-02-06 17:25:51 +00:00
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < / details > |
2022-02-15 14:42:47 +00:00
#### Container: Node.js
**node-pkg**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| acorn | GHSA-6chw-6frg-f759 | HIGH | 6.1.1 | 5.7.4, 7.1.1, 6.4.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802" > https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802< / a > < br > < a href = "https://github.com/acornjs/acorn/issues/929" > https://github.com/acornjs/acorn/issues/929< / a > < br > < a href = "https://github.com/advisories/GHSA-6chw-6frg-f759" > https://github.com/advisories/GHSA-6chw-6frg-f759< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-ACORN-559469" > https://snyk.io/vuln/SNYK-JS-ACORN-559469< / a > < br > < a href = "https://www.npmjs.com/advisories/1488" > https://www.npmjs.com/advisories/1488< / a > < br > < / details > |
| ajv | CVE-2020-15366 | MEDIUM | 6.10.0 | 6.12.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-v88g-cgmw-v5xw" > https://github.com/advisories/GHSA-v88g-cgmw-v5xw< / a > < br > < a href = "https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f" > https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f< / a > < br > < a href = "https://github.com/ajv-validator/ajv/releases/tag/v6.12.3" > https://github.com/ajv-validator/ajv/releases/tag/v6.12.3< / a > < br > < a href = "https://github.com/ajv-validator/ajv/tags" > https://github.com/ajv-validator/ajv/tags< / a > < br > < a href = "https://hackerone.com/bugs?subject=user&report_id=894259" > https://hackerone.com/bugs?subject=user& report_id=894259< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-15366.html" > https://linux.oracle.com/cve/CVE-2020-15366.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0551.html" > https://linux.oracle.com/errata/ELSA-2021-0551.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-15366" > https://nvd.nist.gov/vuln/detail/CVE-2020-15366< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-AJV-584908" > https://snyk.io/vuln/SNYK-JS-AJV-584908< / a > < br > < / details > |
| ansi-html | CVE-2021-23424 | HIGH | 0.0.7 | | < details > < summary > Expand...< / summary > < a href = "https://github.com/Tjatse/ansi-html/issues/19" > https://github.com/Tjatse/ansi-html/issues/19< / a > < br > < a href = "https://github.com/advisories/GHSA-whgm-jr23-g3j9" > https://github.com/advisories/GHSA-whgm-jr23-g3j9< / a > < br > < a href = "https://github.com/ioet/time-tracker-ui/security/advisories/GHSA-4fjc-8q3h-8r69" > https://github.com/ioet/time-tracker-ui/security/advisories/GHSA-4fjc-8q3h-8r69< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23424" > https://nvd.nist.gov/vuln/detail/CVE-2021-23424< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849" > https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849< / a > < br > < / details > |
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3807.html" > https://linux.oracle.com/cve/CVE-2021-3807.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < / details > |
| browserslist | CVE-2021-23364 | MEDIUM | 4.4.2 | 4.16.5 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-w8qv-6jwh-64r5" > https://github.com/advisories/GHSA-w8qv-6jwh-64r5< / a > < br > < a href = "https://github.com/browserslist/browserslist/blob/e82f32d1d4100d6bc79ea0b6b6a2d281a561e33c/index.js%23L472-L474" > https://github.com/browserslist/browserslist/blob/e82f32d1d4100d6bc79ea0b6b6a2d281a561e33c/index.js%23L472-L474< / a > < br > < a href = "https://github.com/browserslist/browserslist/commit/c091916910dfe0b5fd61caad96083c6709b02d98" > https://github.com/browserslist/browserslist/commit/c091916910dfe0b5fd61caad96083c6709b02d98< / a > < br > < a href = "https://github.com/browserslist/browserslist/pull/593" > https://github.com/browserslist/browserslist/pull/593< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23364" > https://nvd.nist.gov/vuln/detail/CVE-2021-23364< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1277182" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1277182< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194" > https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194< / a > < br > < / details > |
| color-string | CVE-2021-29060 | MEDIUM | 1.5.3 | 1.5.5 | < details > < summary > Expand...< / summary > < a href = "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3" > https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3< / a > < br > < a href = "https://github.com/Qix-/color-string/releases/tag/1.5.5" > https://github.com/Qix-/color-string/releases/tag/1.5.5< / a > < br > < a href = "https://github.com/advisories/GHSA-257v-vj4p-3w2h" > https://github.com/advisories/GHSA-257v-vj4p-3w2h< / a > < br > < a href = "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md" > https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md< / a > < br > < a href = "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js" > https://github.com/yetingli/SaveResults/blob/main/js/color-string.js< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-29060" > https://nvd.nist.gov/vuln/detail/CVE-2021-29060< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939" > https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939< / a > < br > < a href = "https://www.npmjs.com/package/color-string" > https://www.npmjs.com/package/color-string< / a > < br > < / details > |
| dns-packet | CVE-2021-23386 | MEDIUM | 1.3.1 | 1.3.2, 5.2.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-3wcq-x3mq-6r9p" > https://github.com/advisories/GHSA-3wcq-x3mq-6r9p< / a > < br > < a href = "https://github.com/mafintosh/dns-packet/commit/0d0d593f8df4e2712c43957a6c62e95047f12b2d" > https://github.com/mafintosh/dns-packet/commit/0d0d593f8df4e2712c43957a6c62e95047f12b2d< / a > < br > < a href = "https://github.com/mafintosh/dns-packet/commit/25f15dd0fedc53688b25fd053ebbdffe3d5c1c56" > https://github.com/mafintosh/dns-packet/commit/25f15dd0fedc53688b25fd053ebbdffe3d5c1c56< / a > < br > < a href = "https://hackerone.com/bugs?subject=user&amp%3Breport_id=968858" > https://hackerone.com/bugs?subject=user& amp%3Breport_id=968858< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23386" > https://nvd.nist.gov/vuln/detail/CVE-2021-23386< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1295719" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1295719< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-DNSPACKET-1293563" > https://snyk.io/vuln/SNYK-JS-DNSPACKET-1293563< / a > < br > < / details > |
| dot-prop | CVE-2020-8116 | HIGH | 4.2.0 | 5.1.1, 4.2.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-ff7x-qrg7-qggm" > https://github.com/advisories/GHSA-ff7x-qrg7-qggm< / a > < br > < a href = "https://github.com/sindresorhus/dot-prop/issues/63" > https://github.com/sindresorhus/dot-prop/issues/63< / a > < br > < a href = "https://github.com/sindresorhus/dot-prop/tree/v4" > https://github.com/sindresorhus/dot-prop/tree/v4< / a > < br > < a href = "https://hackerone.com/reports/719856" > https://hackerone.com/reports/719856< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-8116.html" > https://linux.oracle.com/cve/CVE-2020-8116.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0548.html" > https://linux.oracle.com/errata/ELSA-2021-0548.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-8116" > https://nvd.nist.gov/vuln/detail/CVE-2020-8116< / a > < br > < / details > |
| elliptic | CVE-2020-13822 | HIGH | 6.4.1 | 6.5.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-vh7m-p724-62c2" > https://github.com/advisories/GHSA-vh7m-p724-62c2< / a > < br > < a href = "https://github.com/indutny/elliptic/issues/226" > https://github.com/indutny/elliptic/issues/226< / a > < br > < a href = "https://medium.com/@herman_10687/malleability-attack-why-it-matters-7b5f59fb99a4" > https://medium.com/@herman_10687/malleability-attack-why-it-matters-7b5f59fb99a4< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-13822" > https://nvd.nist.gov/vuln/detail/CVE-2020-13822< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484" > https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484< / a > < br > < a href = "https://www.npmjs.com/package/elliptic" > https://www.npmjs.com/package/elliptic< / a > < br > < a href = "https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/" > https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/< / a > < br > < / details > |
| elliptic | CVE-2020-28498 | MEDIUM | 6.4.1 | 6.5.4 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-r9p9-mrjm-926w" > https://github.com/advisories/GHSA-r9p9-mrjm-926w< / a > < br > < a href = "https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md" > https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md< / a > < br > < a href = "https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f" > https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f< / a > < br > < a href = "https://github.com/indutny/elliptic/pull/244/commits" > https://github.com/indutny/elliptic/pull/244/commits< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28498" > https://nvd.nist.gov/vuln/detail/CVE-2020-28498< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1069836" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1069836< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899" > https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899< / a > < br > < a href = "https://www.npmjs.com/package/elliptic" > https://www.npmjs.com/package/elliptic< / a > < br > < / details > |
| follow-redirects | CVE-2022-0155 | MEDIUM | 1.7.0 | 1.14.7 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-74fj-2j2h-c42q" > https://github.com/advisories/GHSA-74fj-2j2h-c42q< / a > < br > < a href = "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22" > https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22< / a > < br > < a href = "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406" > https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0155" > https://nvd.nist.gov/vuln/detail/CVE-2022-0155< / a > < br > < / details > |
| follow-redirects | CVE-2022-0536 | MEDIUM | 1.7.0 | 1.14.8 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c" > https://github.com/advisories/GHSA-pw2r-vq6v-hr8c< / a > < br > < a href = "https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445" > https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445< / a > < br > < a href = "https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db" > https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0536" > https://nvd.nist.gov/vuln/detail/CVE-2022-0536< / a > < br > < / details > |
| glob-parent | CVE-2020-28469 | HIGH | 3.1.0 | 5.1.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-ww39-953v-wcq6" > https://github.com/advisories/GHSA-ww39-953v-wcq6< / a > < br > < a href = "https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9" > https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9< / a > < br > < a href = "https://github.com/gulpjs/glob-parent/pull/36" > https://github.com/gulpjs/glob-parent/pull/36< / a > < br > < a href = "https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2" > https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-28469.html" > https://linux.oracle.com/cve/CVE-2020-28469.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" > https://nvd.nist.gov/vuln/detail/CVE-2020-28469< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" > https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < / details > |
| hosted-git-info | CVE-2021-23362 | MEDIUM | 2.7.1 | 2.8.9, 3.0.8 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-43f8-2h32-f4cj" > https://github.com/advisories/GHSA-43f8-2h32-f4cj< / a > < br > < a href = "https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7" > https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7< / a > < br > < a href = "https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01" > https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01< / a > < br > < a href = "https://github.com/npm/hosted-git-info/commit/bede0dc38e1785e732bf0a48ba6f81a4a908eba3" > https://github.com/npm/hosted-git-info/commit/bede0dc38e1785e732bf0a48ba6f81a4a908eba3< / a > < br > < a href = "https://github.com/npm/hosted-git-info/commits/v2" > https://github.com/npm/hosted-git-info/commits/v2< / a > < br > < a href = "https://github.com/npm/hosted-git-info/pull/76" > https://github.com/npm/hosted-git-info/pull/76< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-23362.html" > https://linux.oracle.com/cve/CVE-2021-23362.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3074.html" > https://linux.oracle.com/errata/ELSA-2021-3074.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23362" > https://nvd.nist.gov/vuln/detail/CVE-2021-23362< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1088356" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1088356< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355" > https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355< / a > < br > < / details > |
| http-proxy | GHSA-6x33-pw7p-hmpq | HIGH | 1.17.0 | 1.18.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-6x33-pw7p-hmpq" > https://github.com/advisories/GHSA-6x33-pw7p-hmpq< / a > < br > < a href = "https://github.com/http-party/node-http-proxy/pull/1447/files" > https://github.com/http-party/node-http-proxy/pull/1447/files< / a > < br > < a href = "https://www.npmjs.com/advisories/1486" > https://www.npmjs.com/advisories/1486< / a > < br > < / details > |
| ini | CVE-2020-7788 | HIGH | 1.3.5 | 1.3.6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788< / a > < br > < a href = "https://github.com/advisories/GHSA-qqgx-2p2h-9c37" > https://github.com/advisories/GHSA-qqgx-2p2h-9c37< / a > < br > < a href = "https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1" > https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1< / a > < br > < a href = "https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 (v1.3.6)" > https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 (v1.3.6)< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7788.html" > https://linux.oracle.com/cve/CVE-2020-7788.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html" > https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7788" > https://nvd.nist.gov/vuln/detail/CVE-2020-7788< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-INI-1048974" > https://snyk.io/vuln/SNYK-JS-INI-1048974< / a > < br > < a href = "https://www.npmjs.com/advisories/1589" > https://www.npmjs.com/advisories/1589< / a > < br > < / details > |
| is-svg | CVE-2021-28092 | HIGH | 3.0.0 | 4.2.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-7r28-3m3f-r2pr" > https://github.com/advisories/GHSA-7r28-3m3f-r2pr< / a > < br > < a href = "https://github.com/sindresorhus/is-svg/commit/01f8a087fab8a69c3ac9085fbb16035907ab6a5b" > https://github.com/sindresorhus/is-svg/commit/01f8a087fab8a69c3ac9085fbb16035907ab6a5b< / a > < br > < a href = "https://github.com/sindresorhus/is-svg/releases" > https://github.com/sindresorhus/is-svg/releases< / a > < br > < a href = "https://github.com/sindresorhus/is-svg/releases/tag/v4.2.2" > https://github.com/sindresorhus/is-svg/releases/tag/v4.2.2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-28092" > https://nvd.nist.gov/vuln/detail/CVE-2021-28092< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210513-0008/" > https://security.netapp.com/advisory/ntap-20210513-0008/< / a > < br > < a href = "https://www.npmjs.com/package/is-svg" > https://www.npmjs.com/package/is-svg< / a > < br > < / details > |
| is-svg | CVE-2021-29059 | HIGH | 3.0.0 | 4.3.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-r8j5-h5cx-65gg" > https://github.com/advisories/GHSA-r8j5-h5cx-65gg< / a > < br > < a href = "https://github.com/sindresorhus/is-svg/commit/732fc72779840c45a30817d3fe28e12058592b02" > https://github.com/sindresorhus/is-svg/commit/732fc72779840c45a30817d3fe28e12058592b02< / a > < br > < a href = "https://github.com/sindresorhus/is-svg/releases/tag/v4.3.0" > https://github.com/sindresorhus/is-svg/releases/tag/v4.3.0< / a > < br > < a href = "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29059/IS-SVG.md" > https://github.com/yetingli/PoCs/blob/main/CVE-2021-29059/IS-SVG.md< / a > < br > < a href = "https://github.com/yetingli/SaveResults/blob/main/js/is-svg.js" > https://github.com/yetingli/SaveResults/blob/main/js/is-svg.js< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-29059" > https://nvd.nist.gov/vuln/detail/CVE-2021-29059< / a > < br > < a href = "https://www.npmjs.com/package/is-svg" > https://www.npmjs.com/package/is-svg< / a > < br > < / details > |
| js-yaml | GHSA-8j8c-7jfh-h6hx | HIGH | 3.12.2 | 3.13.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-8j8c-7jfh-h6hx" > https://github.com/advisories/GHSA-8j8c-7jfh-h6hx< / a > < br > < a href = "https://github.com/nodeca/js-yaml/pull/480" > https://github.com/nodeca/js-yaml/pull/480< / a > < br > < a href = "https://www.npmjs.com/advisories/813" > https://www.npmjs.com/advisories/813< / a > < br > < / details > |
| js-yaml | GHSA-2pr6-76vf-7546 | MEDIUM | 3.12.2 | 3.13.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-2pr6-76vf-7546" > https://github.com/advisories/GHSA-2pr6-76vf-7546< / a > < br > < a href = "https://github.com/nodeca/js-yaml/commit/a567ef3c6e61eb319f0bfc2671d91061afb01235" > https://github.com/nodeca/js-yaml/commit/a567ef3c6e61eb319f0bfc2671d91061afb01235< / a > < br > < a href = "https://github.com/nodeca/js-yaml/issues/475" > https://github.com/nodeca/js-yaml/issues/475< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-JSYAML-173999" > https://snyk.io/vuln/SNYK-JS-JSYAML-173999< / a > < br > < a href = "https://www.npmjs.com/advisories/788" > https://www.npmjs.com/advisories/788< / a > < br > < a href = "https://www.npmjs.com/advisories/788/versions" > https://www.npmjs.com/advisories/788/versions< / a > < br > < / details > |
| kind-of | CVE-2019-20149 | HIGH | 6.0.2 | 6.0.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-6c8f-qphg-qjgp" > https://github.com/advisories/GHSA-6c8f-qphg-qjgp< / a > < br > < a href = "https://github.com/jonschlinkert/kind-of/commit/1df992ce6d5a1292048e5fe9c52c5382f941ee0b" > https://github.com/jonschlinkert/kind-of/commit/1df992ce6d5a1292048e5fe9c52c5382f941ee0b< / a > < br > < a href = "https://github.com/jonschlinkert/kind-of/issues/30" > https://github.com/jonschlinkert/kind-of/issues/30< / a > < br > < a href = "https://github.com/jonschlinkert/kind-of/pull/31" > https://github.com/jonschlinkert/kind-of/pull/31< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-20149" > https://nvd.nist.gov/vuln/detail/CVE-2019-20149< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-KINDOF-537849" > https://snyk.io/vuln/SNYK-JS-KINDOF-537849< / a > < br > < a href = "https://www.npmjs.com/advisories/1490" > https://www.npmjs.com/advisories/1490< / a > < br > < / details > |
| lodash | CVE-2019-10744 | CRITICAL | 4.17.11 | 4.17.12 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3024" > https://access.redhat.com/errata/RHSA-2019:3024< / a > < br > < a href = "https://github.com/advisories/GHSA-jf85-cpcp-j695" > https://github.com/advisories/GHSA-jf85-cpcp-j695< / a > < br > < a href = "https://github.com/lodash/lodash/pull/4336" > https://github.com/lodash/lodash/pull/4336< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10744" > https://nvd.nist.gov/vuln/detail/CVE-2019-10744< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20191004-0005/" > https://security.netapp.com/advisory/ntap-20191004-0005/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-450202" > https://snyk.io/vuln/SNYK-JS-LODASH-450202< / a > < br > < a href = "https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp;utm_medium=RSS" > https://support.f5.com/csp/article/K47105354?utm_source=f5support& amp;utm_medium=RSS< / a > < br > < a href = "https://www.npmjs.com/advisories/1065" > https://www.npmjs.com/advisories/1065< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| lodash | CVE-2020-8203 | HIGH | 4.17.11 | 4.17.19 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-p6mc-m468-83gw" > https://github.com/advisories/GHSA-p6mc-m468-83gw< / a > < br > < a href = "https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12" > https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12< / a > < br > < a href = "https://github.com/lodash/lodash/issues/4744" > https://github.com/lodash/lodash/issues/4744< / a > < br > < a href = "https://github.com/lodash/lodash/issues/4874" > https://github.com/lodash/lodash/issues/4874< / a > < br > < a href = "https://hackerone.com/reports/712065" > https://hackerone.com/reports/712065< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-8203" > https://nvd.nist.gov/vuln/detail/CVE-2020-8203< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200724-0006/" > https://security.netapp.com/advisory/ntap-20200724-0006/< / a > < br > < a href = "https://www.npmjs.com/advisories/1523" > https://www.npmjs.com/advisories/1523< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash | CVE-2021-23337 | HIGH | 4.17.11 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337< / a > < br > < a href = "https://github.com/advisories/GHSA-35jh-r3h4-6jhm" > https://github.com/advisories/GHSA-35jh-r3h4-6jhm< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851< / a > < br > < a href = "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c" > https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23337" > https://nvd.nist.gov/vuln/detail/CVE-2021-23337< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1040724" > https://snyk.io/vuln/SNYK-JS-LODASH-1040724< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash | CVE-2020-28500 | MEDIUM | 4.17.11 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500< / a > < br > < a href = "https://github.com/advisories/GHSA-29mw-wpgm-hmr9" > https://github.com/advisories/GHSA-29mw-wpgm-hmr9< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065" > https://github.com/lodash/lodash/pull/5065< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7" > https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28500" > https://nvd.nist.gov/vuln/detail/CVE-2020-28500< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1018905" > https://snyk.io/vuln/SNYK-JS-LODASH-1018905< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| mem | GHSA-4xcv-9jjx-gfj3 | MEDIUM | 1.1.0 | 4.0.0 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1623744" > https://bugzilla.redhat.com/show_bug.cgi?id=1623744< / a > < br > < a href = "https://github.com/advisories/GHSA-4xcv-9jjx-gfj3" > https://github.com/advisories/GHSA-4xcv-9jjx-gfj3< / a > < br > < a href = "https://github.com/sindresorhus/mem/commit/da4e4398cb27b602de3bd55f746efa9b4a31702b" > https://github.com/sindresorhus/mem/commit/da4e4398cb27b602de3bd55f746efa9b4a31702b< / a > < br > < a href = "https://snyk.io/vuln/npm:mem:20180117" > https://snyk.io/vuln/npm:mem:20180117< / a > < br > < a href = "https://www.npmjs.com/advisories/1084" > https://www.npmjs.com/advisories/1084< / a > < br > < / details > |
| minimist | CVE-2020-7598 | MEDIUM | 0.0.8 | 1.2.3, 0.2.1 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html" > http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html< / a > < br > < a href = "https://github.com/advisories/GHSA-vh95-rmgr-6w4m" > https://github.com/advisories/GHSA-vh95-rmgr-6w4m< / a > < br > < a href = "https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab" > https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab< / a > < br > < a href = "https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95" > https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95< / a > < br > < a href = "https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94" > https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7598.html" > https://linux.oracle.com/cve/CVE-2020-7598.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-2852.html" > https://linux.oracle.com/errata/ELSA-2020-2852.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7598" > https://nvd.nist.gov/vuln/detail/CVE-2020-7598< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://www.npmjs.com/advisories/1179" > https://www.npmjs.com/advisories/1179< / a > < br > < / details > |
| minimist | CVE-2020-7598 | MEDIUM | 1.2.0 | 1.2.3, 0.2.1 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html" > http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html< / a > < br > < a href = "https://github.com/advisories/GHSA-vh95-rmgr-6w4m" > https://github.com/advisories/GHSA-vh95-rmgr-6w4m< / a > < br > < a href = "https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab" > https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab< / a > < br > < a href = "https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95" > https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95< / a > < br > < a href = "https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94" > https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7598.html" > https://linux.oracle.com/cve/CVE-2020-7598.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-2852.html" > https://linux.oracle.com/errata/ELSA-2020-2852.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7598" > https://nvd.nist.gov/vuln/detail/CVE-2020-7598< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://www.npmjs.com/advisories/1179" > https://www.npmjs.com/advisories/1179< / a > < br > < / details > |
| mixin-deep | CVE-2019-10746 | CRITICAL | 1.3.1 | 2.0.1, 1.3.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-fhjf-83wg-r2j9" > https://github.com/advisories/GHSA-fhjf-83wg-r2j9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-10746.html" > https://linux.oracle.com/cve/CVE-2019-10746.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0549.html" > https://linux.oracle.com/errata/ELSA-2021-0549.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10746" > https://nvd.nist.gov/vuln/detail/CVE-2019-10746< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212" > https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212< / a > < br > < a href = "https://www.npmjs.com/advisories/1013" > https://www.npmjs.com/advisories/1013< / a > < br > < / details > |
| node-forge | CVE-2020-7720 | HIGH | 0.7.5 | 0.10.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-92xj-mqp7-vmcj" > https://github.com/advisories/GHSA-92xj-mqp7-vmcj< / a > < br > < a href = "https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md" > https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md< / a > < br > < a href = "https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#removed" > https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#removed< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7720" > https://nvd.nist.gov/vuln/detail/CVE-2020-7720< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-609293" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-609293< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677" > https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677< / a > < br > < / details > |
| node-forge | CVE-2022-0122 | MEDIUM | 0.7.5 | 1.0.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-8fr3-hfg3-gpgp" > https://github.com/advisories/GHSA-8fr3-hfg3-gpgp< / a > < br > < a href = "https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e" > https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e< / a > < br > < a href = "https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae" > https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0122" > https://nvd.nist.gov/vuln/detail/CVE-2022-0122< / a > < br > < / details > |
| node-forge | GHSA-5rrq-pxf6-6jx5 | LOW | 0.7.5 | 1.0.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5rrq-pxf6-6jx5" > https://github.com/advisories/GHSA-5rrq-pxf6-6jx5< / a > < br > < a href = "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5rrq-pxf6-6jx5" > https://github.com/digitalbazaar/forge/security/advisories/GHSA-5rrq-pxf6-6jx5< / a > < br > < / details > |
| node-forge | GHSA-gf8q-jrpm-jvxq | LOW | 0.7.5 | 1.0.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-gf8q-jrpm-jvxq" > https://github.com/advisories/GHSA-gf8q-jrpm-jvxq< / a > < br > < a href = "https://github.com/digitalbazaar/forge/security/advisories/GHSA-gf8q-jrpm-jvxq" > https://github.com/digitalbazaar/forge/security/advisories/GHSA-gf8q-jrpm-jvxq< / a > < br > < / details > |
| node-forge | GHSA-wxgw-qj99-44c2 | LOW | 0.7.5 | 0.10.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-wxgw-qj99-44c2" > https://github.com/advisories/GHSA-wxgw-qj99-44c2< / a > < br > < a href = "https://github.com/digitalbazaar/forge/security/advisories/GHSA-wxgw-qj99-44c2" > https://github.com/digitalbazaar/forge/security/advisories/GHSA-wxgw-qj99-44c2< / a > < br > < / details > |
| node-notifier | CVE-2020-7789 | MEDIUM | 5.4.0 | 8.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5fw9-fq32-wv5p" > https://github.com/advisories/GHSA-5fw9-fq32-wv5p< / a > < br > < a href = "https://github.com/mikaelbr/node-notifier/blob/master/lib/utils.js%23L303" > https://github.com/mikaelbr/node-notifier/blob/master/lib/utils.js%23L303< / a > < br > < a href = "https://github.com/mikaelbr/node-notifier/commit/5d62799dab88505a709cd032653b2320c5813fce" > https://github.com/mikaelbr/node-notifier/commit/5d62799dab88505a709cd032653b2320c5813fce< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7789" > https://nvd.nist.gov/vuln/detail/CVE-2020-7789< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050371" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050371< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-NODENOTIFIER-1035794" > https://snyk.io/vuln/SNYK-JS-NODENOTIFIER-1035794< / a > < br > < / details > |
| nth-check | CVE-2021-3803 | HIGH | 1.0.2 | 2.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-rp65-9cf3-cjxr" > https://github.com/advisories/GHSA-rp65-9cf3-cjxr< / a > < br > < a href = "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726" > https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726< / a > < br > < a href = "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0" > https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3803" > https://nvd.nist.gov/vuln/detail/CVE-2021-3803< / a > < br > < / details > |
| object-path | CVE-2020-15256 | CRITICAL | 0.9.2 | 0.11.5 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-cwx2-736x-mf6w" > https://github.com/advisories/GHSA-cwx2-736x-mf6w< / a > < br > < a href = "https://github.com/mariocasciaro/object-path/commit/2be3354c6c46215c7635eb1b76d80f1319403c68" > https://github.com/mariocasciaro/object-path/commit/2be3354c6c46215c7635eb1b76d80f1319403c68< / a > < br > < a href = "https://github.com/mariocasciaro/object-path/security/advisories/GHSA-cwx2-736x-mf6w" > https://github.com/mariocasciaro/object-path/security/advisories/GHSA-cwx2-736x-mf6w< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-15256" > https://nvd.nist.gov/vuln/detail/CVE-2020-15256< / a > < br > < / details > |
| object-path | CVE-2021-23434 | HIGH | 0.9.2 | 0.11.6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23434" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23434< / a > < br > < a href = "https://github.com/advisories/GHSA-v39p-96qg-c8rf" > https://github.com/advisories/GHSA-v39p-96qg-c8rf< / a > < br > < a href = "https://github.com/mariocasciaro/object-path#0116" > https://github.com/mariocasciaro/object-path#0116< / a > < br > < a href = "https://github.com/mariocasciaro/object-path%230116" > https://github.com/mariocasciaro/object-path%230116< / a > < br > < a href = "https://github.com/mariocasciaro/object-path/commit/7bdf4abefd102d16c163d633e8994ef154cab9eb" > https://github.com/mariocasciaro/object-path/commit/7bdf4abefd102d16c163d633e8994ef154cab9eb< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23434" > https://nvd.nist.gov/vuln/detail/CVE-2021-23434< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1570423" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1570423< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453" > https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453< / a > < br > < / details > |
| object-path | CVE-2021-3805 | HIGH | 0.9.2 | 0.11.8 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-8v63-cqqc-6r2c" > https://github.com/advisories/GHSA-8v63-cqqc-6r2c< / a > < br > < a href = "https://github.com/mariocasciaro/object-path/commit/e6bb638ffdd431176701b3e9024f80050d0ef0a6" > https://github.com/mariocasciaro/object-path/commit/e6bb638ffdd431176701b3e9024f80050d0ef0a6< / a > < br > < a href = "https://huntr.dev/bounties/571e3baf-7c46-46e3-9003-ba7e4e623053" > https://huntr.dev/bounties/571e3baf-7c46-46e3-9003-ba7e4e623053< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3805" > https://nvd.nist.gov/vuln/detail/CVE-2021-3805< / a > < br > < / details > |
| path-parse | CVE-2021-23343 | HIGH | 1.0.6 | 1.0.7 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-hj48-42vr-x3v9" > https://github.com/advisories/GHSA-hj48-42vr-x3v9< / a > < br > < a href = "https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7" > https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7< / a > < br > < a href = "https://github.com/jbgutierrez/path-parse/issues/8" > https://github.com/jbgutierrez/path-parse/issues/8< / a > < br > < a href = "https://github.com/jbgutierrez/path-parse/pull/10" > https://github.com/jbgutierrez/path-parse/pull/10< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-23343.html" > https://linux.oracle.com/cve/CVE-2021-23343.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23343" > https://nvd.nist.gov/vuln/detail/CVE-2021-23343< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067" > https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| postcss | CVE-2021-23382 | MEDIUM | 6.0.23 | 7.0.36, 8.2.13 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-566m-qj78-rww5" > https://github.com/advisories/GHSA-566m-qj78-rww5< / a > < br > < a href = "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956" > https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956< / a > < br > < a href = "https://github.com/postcss/postcss/releases/tag/7.0.36" > https://github.com/postcss/postcss/releases/tag/7.0.36< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23382" > https://nvd.nist.gov/vuln/detail/CVE-2021-23382< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" > https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640< / a > < br > < / details > |
2022-02-15 14:42:47 +00:00
| postcss | CVE-2021-23368 | MEDIUM | 7.0.14 | 8.2.10, 7.0.36 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368< / a > < br > < a href = "https://github.com/advisories/GHSA-hwj9-h5mp-3pm3" > https://github.com/advisories/GHSA-hwj9-h5mp-3pm3< / a > < br > < a href = "https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734" > https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734< / a > < br > < a href = "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4" > https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4< / a > < br > < a href = "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5" > https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5< / a > < br > < a href = "https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013@%3Ccommits.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013@%3Ccommits.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb@%3Ccommits.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb@%3Ccommits.myfaces.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23368" > https://nvd.nist.gov/vuln/detail/CVE-2021-23368< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595" > https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| postcss | CVE-2021-23382 | MEDIUM | 7.0.14 | 7.0.36, 8.2.13 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-566m-qj78-rww5" > https://github.com/advisories/GHSA-566m-qj78-rww5< / a > < br > < a href = "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956" > https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956< / a > < br > < a href = "https://github.com/postcss/postcss/releases/tag/7.0.36" > https://github.com/postcss/postcss/releases/tag/7.0.36< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23382" > https://nvd.nist.gov/vuln/detail/CVE-2021-23382< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" > https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640< / a > < br > < / details > |
2022-02-15 14:42:47 +00:00
| serialize-javascript | CVE-2020-7660 | HIGH | 1.6.1 | 3.1.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-hxcc-f52p-wc94" > https://github.com/advisories/GHSA-hxcc-f52p-wc94< / a > < br > < a href = "https://github.com/yahoo/serialize-javascript/commit/f21a6fb3ace2353413761e79717b2d210ba6ccbd" > https://github.com/yahoo/serialize-javascript/commit/f21a6fb3ace2353413761e79717b2d210ba6ccbd< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7660" > https://nvd.nist.gov/vuln/detail/CVE-2020-7660< / a > < br > < / details > |
| serialize-javascript | CVE-2019-16769 | MEDIUM | 1.6.1 | 2.1.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-h9rv-jmmf-4pgx" > https://github.com/advisories/GHSA-h9rv-jmmf-4pgx< / a > < br > < a href = "https://github.com/yahoo/serialize-javascript/security/advisories/GHSA-h9rv-jmmf-4pgx" > https://github.com/yahoo/serialize-javascript/security/advisories/GHSA-h9rv-jmmf-4pgx< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-16769" > https://nvd.nist.gov/vuln/detail/CVE-2019-16769< / a > < br > < a href = "https://www.npmjs.com/advisories/1426" > https://www.npmjs.com/advisories/1426< / a > < br > < / details > |
| set-value | CVE-2019-10747 | CRITICAL | 0.4.3 | 3.0.1, 2.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-4g88-fppr-53pp" > https://github.com/advisories/GHSA-4g88-fppr-53pp< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-10747.html" > https://linux.oracle.com/cve/CVE-2019-10747.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0549.html" > https://linux.oracle.com/errata/ELSA-2021-0549.html< / a > < br > < a href = "https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292@%3Cdev.drat.apache.org%3E" > https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292@%3Cdev.drat.apache.org%3E< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10747" > https://nvd.nist.gov/vuln/detail/CVE-2019-10747< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-SETVALUE-450213" > https://snyk.io/vuln/SNYK-JS-SETVALUE-450213< / a > < br > < a href = "https://www.npmjs.com/advisories/1012" > https://www.npmjs.com/advisories/1012< / a > < br > < / details > |
| set-value | CVE-2021-23440 | CRITICAL | 0.4.3 | 2.0.1, 4.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-4jqc-8m5r-9rpr" > https://github.com/advisories/GHSA-4jqc-8m5r-9rpr< / a > < br > < a href = "https://github.com/jonschlinkert/set-value/commit/7cf8073bb06bf0c15e08475f9f952823b4576452" > https://github.com/jonschlinkert/set-value/commit/7cf8073bb06bf0c15e08475f9f952823b4576452< / a > < br > < a href = "https://github.com/jonschlinkert/set-value/pull/33" > https://github.com/jonschlinkert/set-value/pull/33< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23440" > https://nvd.nist.gov/vuln/detail/CVE-2021-23440< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1584212" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1584212< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541" > https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541< / a > < br > < a href = "https://www.huntr.dev/bounties/2eae1159-01de-4f82-a177-7478a408c4a2/" > https://www.huntr.dev/bounties/2eae1159-01de-4f82-a177-7478a408c4a2/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < / details > |
| set-value | CVE-2019-10747 | CRITICAL | 2.0.0 | 3.0.1, 2.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-4g88-fppr-53pp" > https://github.com/advisories/GHSA-4g88-fppr-53pp< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-10747.html" > https://linux.oracle.com/cve/CVE-2019-10747.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0549.html" > https://linux.oracle.com/errata/ELSA-2021-0549.html< / a > < br > < a href = "https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292@%3Cdev.drat.apache.org%3E" > https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292@%3Cdev.drat.apache.org%3E< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10747" > https://nvd.nist.gov/vuln/detail/CVE-2019-10747< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-SETVALUE-450213" > https://snyk.io/vuln/SNYK-JS-SETVALUE-450213< / a > < br > < a href = "https://www.npmjs.com/advisories/1012" > https://www.npmjs.com/advisories/1012< / a > < br > < / details > |
| set-value | CVE-2021-23440 | CRITICAL | 2.0.0 | 2.0.1, 4.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-4jqc-8m5r-9rpr" > https://github.com/advisories/GHSA-4jqc-8m5r-9rpr< / a > < br > < a href = "https://github.com/jonschlinkert/set-value/commit/7cf8073bb06bf0c15e08475f9f952823b4576452" > https://github.com/jonschlinkert/set-value/commit/7cf8073bb06bf0c15e08475f9f952823b4576452< / a > < br > < a href = "https://github.com/jonschlinkert/set-value/pull/33" > https://github.com/jonschlinkert/set-value/pull/33< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23440" > https://nvd.nist.gov/vuln/detail/CVE-2021-23440< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1584212" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1584212< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541" > https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541< / a > < br > < a href = "https://www.huntr.dev/bounties/2eae1159-01de-4f82-a177-7478a408c4a2/" > https://www.huntr.dev/bounties/2eae1159-01de-4f82-a177-7478a408c4a2/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < / details > |
| sockjs | CVE-2020-7693 | MEDIUM | 0.3.19 | 0.3.20 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-c9g6-9335-x697" > https://github.com/advisories/GHSA-c9g6-9335-x697< / a > < br > < a href = "https://github.com/andsnw/sockjs-dos-py" > https://github.com/andsnw/sockjs-dos-py< / a > < br > < a href = "https://github.com/sockjs/sockjs-node/commit/dd7e642cd69ee74385825816d30642c43e051d16" > https://github.com/sockjs/sockjs-node/commit/dd7e642cd69ee74385825816d30642c43e051d16< / a > < br > < a href = "https://github.com/sockjs/sockjs-node/issues/252" > https://github.com/sockjs/sockjs-node/issues/252< / a > < br > < a href = "https://github.com/sockjs/sockjs-node/pull/265" > https://github.com/sockjs/sockjs-node/pull/265< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7693" > https://nvd.nist.gov/vuln/detail/CVE-2020-7693< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-575448" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-575448< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-SOCKJS-575261" > https://snyk.io/vuln/SNYK-JS-SOCKJS-575261< / a > < br > < a href = "https://www.npmjs.com/package/sockjs" > https://www.npmjs.com/package/sockjs< / a > < br > < / details > |
| ssri | CVE-2021-27290 | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27290" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27290< / a > < br > < a href = "https://doyensec.com/resources/Doyensec_Advisory_ssri_redos.pdf" > https://doyensec.com/resources/Doyensec_Advisory_ssri_redos.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-vx3p-948g-6vhq" > https://github.com/advisories/GHSA-vx3p-948g-6vhq< / a > < br > < a href = "https://github.com/npm/ssri/commit/76e223317d971f19e4db8191865bdad5edee40d2" > https://github.com/npm/ssri/commit/76e223317d971f19e4db8191865bdad5edee40d2< / a > < br > < a href = "https://github.com/npm/ssri/commit/b30dfdb00bb94ddc49a25a85a18fb27afafdfbb1" > https://github.com/npm/ssri/commit/b30dfdb00bb94ddc49a25a85a18fb27afafdfbb1< / a > < br > < a href = "https://github.com/npm/ssri/pull/20#issuecomment-842677644" > https://github.com/npm/ssri/pull/20#issuecomment-842677644< / a > < br > < a href = "https://github.com/yetingli/SaveResults/blob/main/pdf/ssri-redos.pdf" > https://github.com/yetingli/SaveResults/blob/main/pdf/ssri-redos.pdf< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-27290.html" > https://linux.oracle.com/cve/CVE-2021-27290.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3074.html" > https://linux.oracle.com/errata/ELSA-2021-3074.html< / a > < br > < a href = "https://npmjs.com" > https://npmjs.com< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-27290" > https://nvd.nist.gov/vuln/detail/CVE-2021-27290< / a > < br > < a href = "https://www.npmjs.com/package/ssri" > https://www.npmjs.com/package/ssri< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-32803 | HIGH | 4.4.8 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20" > https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32803.html" > https://linux.oracle.com/cve/CVE-2021-32803.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32803" > https://nvd.nist.gov/vuln/detail/CVE-2021-32803< / a > < br > < a href = "https://www.npmjs.com/advisories/1771" > https://www.npmjs.com/advisories/1771< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-32804 | HIGH | 4.4.8 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4" > https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32804.html" > https://linux.oracle.com/cve/CVE-2021-32804.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32804" > https://nvd.nist.gov/vuln/detail/CVE-2021-32804< / a > < br > < a href = "https://www.npmjs.com/advisories/1770" > https://www.npmjs.com/advisories/1770< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37701 | HIGH | 4.4.8 | 6.1.7, 5.0.8, 4.4.16 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-9r2w-394v-53qc" > https://github.com/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc" > https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37701.html" > https://linux.oracle.com/cve/CVE-2021-37701.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37701" > https://nvd.nist.gov/vuln/detail/CVE-2021-37701< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1779" > https://www.npmjs.com/advisories/1779< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37712 | HIGH | 4.4.8 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-qq89-hq3f-393p" > https://github.com/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p" > https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37712.html" > https://linux.oracle.com/cve/CVE-2021-37712.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37712" > https://nvd.nist.gov/vuln/detail/CVE-2021-37712< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1780" > https://www.npmjs.com/advisories/1780< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37713 | HIGH | 4.4.8 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5955-9wpr-37jh" > https://github.com/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh" > https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37713" > https://nvd.nist.gov/vuln/detail/CVE-2021-37713< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| url-parse | CVE-2022-0686 | CRITICAL | 1.4.4 | 1.5.8 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-hgjh-723h-mx2j" > https://github.com/advisories/GHSA-hgjh-723h-mx2j< / a > < br > < a href = "https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5" > https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5< / a > < br > < a href = "https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c" > https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0686" > https://nvd.nist.gov/vuln/detail/CVE-2022-0686< / a > < br > < / details > |
| url-parse | CVE-2022-0691 | CRITICAL | 1.4.4 | 1.5.9 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-jf5r-8hm2-f872" > https://github.com/advisories/GHSA-jf5r-8hm2-f872< / a > < br > < a href = "https://github.com/unshiftio/url-parse/commit/0e3fb542d60ddbf6933f22eb9b1e06e25eaa5b63" > https://github.com/unshiftio/url-parse/commit/0e3fb542d60ddbf6933f22eb9b1e06e25eaa5b63< / a > < br > < a href = "https://huntr.dev/bounties/57124ed5-4b68-4934-8325-2c546257f2e4" > https://huntr.dev/bounties/57124ed5-4b68-4934-8325-2c546257f2e4< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0691" > https://nvd.nist.gov/vuln/detail/CVE-2022-0691< / a > < br > < / details > |
2022-02-15 14:42:47 +00:00
| url-parse | CVE-2020-8124 | MEDIUM | 1.4.4 | 1.4.5 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-46c4-8wrp-j99v" > https://github.com/advisories/GHSA-46c4-8wrp-j99v< / a > < br > < a href = "https://hackerone.com/reports/496293" > https://hackerone.com/reports/496293< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-8124" > https://nvd.nist.gov/vuln/detail/CVE-2020-8124< / a > < br > < / details > |
| url-parse | CVE-2021-27515 | MEDIUM | 1.4.4 | 1.5.0 | < details > < summary > Expand...< / summary > < a href = "https://advisory.checkmarx.net/advisory/CX-2021-4306" > https://advisory.checkmarx.net/advisory/CX-2021-4306< / a > < br > < a href = "https://github.com/advisories/GHSA-9m6j-fcg5-2442" > https://github.com/advisories/GHSA-9m6j-fcg5-2442< / a > < br > < a href = "https://github.com/unshiftio/url-parse/commit/d1e7e8822f26e8a49794b757123b51386325b2b0" > https://github.com/unshiftio/url-parse/commit/d1e7e8822f26e8a49794b757123b51386325b2b0< / a > < br > < a href = "https://github.com/unshiftio/url-parse/compare/1.4.7...1.5.0" > https://github.com/unshiftio/url-parse/compare/1.4.7...1.5.0< / a > < br > < a href = "https://github.com/unshiftio/url-parse/pull/197" > https://github.com/unshiftio/url-parse/pull/197< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-27515" > https://nvd.nist.gov/vuln/detail/CVE-2021-27515< / a > < br > < / details > |
| url-parse | CVE-2021-3664 | MEDIUM | 1.4.4 | 1.5.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-hh27-ffr2-f2jc" > https://github.com/advisories/GHSA-hh27-ffr2-f2jc< / a > < br > < a href = "https://github.com/unshiftio/url-parse/commit/81ab967889b08112d3356e451bf03e6aa0cbb7e0" > https://github.com/unshiftio/url-parse/commit/81ab967889b08112d3356e451bf03e6aa0cbb7e0< / a > < br > < a href = "https://github.com/unshiftio/url-parse/issues/205" > https://github.com/unshiftio/url-parse/issues/205< / a > < br > < a href = "https://github.com/unshiftio/url-parse/issues/206" > https://github.com/unshiftio/url-parse/issues/206< / a > < br > < a href = "https://huntr.dev/bounties/1625557993985-unshiftio/url-parse" > https://huntr.dev/bounties/1625557993985-unshiftio/url-parse< / a > < br > < a href = "https://huntr.dev/bounties/1625557993985-unshiftio/url-parse/" > https://huntr.dev/bounties/1625557993985-unshiftio/url-parse/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3664" > https://nvd.nist.gov/vuln/detail/CVE-2021-3664< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| url-parse | CVE-2022-0512 | MEDIUM | 1.4.4 | 1.5.6 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-rqff-837h-mm52" > https://github.com/advisories/GHSA-rqff-837h-mm52< / a > < br > < a href = "https://github.com/unshiftio/url-parse/commit/9be7ee88afd2bb04e4d5a1a8da9a389ac13f8c40" > https://github.com/unshiftio/url-parse/commit/9be7ee88afd2bb04e4d5a1a8da9a389ac13f8c40< / a > < br > < a href = "https://huntr.dev/bounties/6d1bc51f-1876-4f5b-a2c2-734e09e8e05b" > https://huntr.dev/bounties/6d1bc51f-1876-4f5b-a2c2-734e09e8e05b< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0512" > https://nvd.nist.gov/vuln/detail/CVE-2022-0512< / a > < br > < / details > |
| url-parse | CVE-2022-0639 | MEDIUM | 1.4.4 | 1.5.7 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-8v38-pw62-9cw2" > https://github.com/advisories/GHSA-8v38-pw62-9cw2< / a > < br > < a href = "https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788" > https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788< / a > < br > < a href = "https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155" > https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0639" > https://nvd.nist.gov/vuln/detail/CVE-2022-0639< / a > < br > < / details > |
2022-02-15 14:42:47 +00:00
| websocket-extensions | CVE-2020-7662 | HIGH | 0.1.3 | 0.1.4 | < details > < summary > Expand...< / summary > < a href = "https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions" > https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions< / a > < br > < a href = "https://github.com/advisories/GHSA-g78m-2chm-r7qv" > https://github.com/advisories/GHSA-g78m-2chm-r7qv< / a > < br > < a href = "https://github.com/faye/websocket-extensions-node/commit/29496f6838bfadfe5a2f85dff33ed0ba33873237" > https://github.com/faye/websocket-extensions-node/commit/29496f6838bfadfe5a2f85dff33ed0ba33873237< / a > < br > < a href = "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv" > https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7662" > https://nvd.nist.gov/vuln/detail/CVE-2020-7662< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-WEBSOCKETEXTENSIONS-570623" > https://snyk.io/vuln/SNYK-JS-WEBSOCKETEXTENSIONS-570623< / a > < br > < / details > |
| y18n | CVE-2020-7774 | HIGH | 3.2.1 | 5.0.5, 4.0.1, 3.2.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-c4w7-xm78-47vh" > https://github.com/advisories/GHSA-c4w7-xm78-47vh< / a > < br > < a href = "https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25" > https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25< / a > < br > < a href = "https://github.com/yargs/y18n/issues/96" > https://github.com/yargs/y18n/issues/96< / a > < br > < a href = "https://github.com/yargs/y18n/pull/108" > https://github.com/yargs/y18n/pull/108< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7774.html" > https://linux.oracle.com/cve/CVE-2020-7774.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0551.html" > https://linux.oracle.com/errata/ELSA-2021-0551.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7774" > https://nvd.nist.gov/vuln/detail/CVE-2020-7774< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-Y18N-1021887" > https://snyk.io/vuln/SNYK-JS-Y18N-1021887< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < / details > |
| y18n | CVE-2020-7774 | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-c4w7-xm78-47vh" > https://github.com/advisories/GHSA-c4w7-xm78-47vh< / a > < br > < a href = "https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25" > https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25< / a > < br > < a href = "https://github.com/yargs/y18n/issues/96" > https://github.com/yargs/y18n/issues/96< / a > < br > < a href = "https://github.com/yargs/y18n/pull/108" > https://github.com/yargs/y18n/pull/108< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7774.html" > https://linux.oracle.com/cve/CVE-2020-7774.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0551.html" > https://linux.oracle.com/errata/ELSA-2021-0551.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7774" > https://nvd.nist.gov/vuln/detail/CVE-2020-7774< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-Y18N-1021887" > https://snyk.io/vuln/SNYK-JS-Y18N-1021887< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < / details > |
| yargs-parser | CVE-2020-7608 | MEDIUM | 10.1.0 | 5.0.1, 13.1.2, 18.1.2, 15.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-p9pc-299p-vxgp" > https://github.com/advisories/GHSA-p9pc-299p-vxgp< / a > < br > < a href = "https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2" > https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7608.html" > https://linux.oracle.com/cve/CVE-2020-7608.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0548.html" > https://linux.oracle.com/errata/ELSA-2021-0548.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7608" > https://nvd.nist.gov/vuln/detail/CVE-2020-7608< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381" > https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381< / a > < br > < a href = "https://www.npmjs.com/advisories/1500" > https://www.npmjs.com/advisories/1500< / a > < br > < / details > |
| yargs-parser | CVE-2020-7608 | MEDIUM | 11.1.1 | 5.0.1, 13.1.2, 18.1.2, 15.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-p9pc-299p-vxgp" > https://github.com/advisories/GHSA-p9pc-299p-vxgp< / a > < br > < a href = "https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2" > https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7608.html" > https://linux.oracle.com/cve/CVE-2020-7608.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0548.html" > https://linux.oracle.com/errata/ELSA-2021-0548.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7608" > https://nvd.nist.gov/vuln/detail/CVE-2020-7608< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381" > https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381< / a > < br > < a href = "https://www.npmjs.com/advisories/1500" > https://www.npmjs.com/advisories/1500< / a > < br > < / details > |
| yargs-parser | CVE-2020-7608 | MEDIUM | 7.0.0 | 5.0.1, 13.1.2, 18.1.2, 15.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-p9pc-299p-vxgp" > https://github.com/advisories/GHSA-p9pc-299p-vxgp< / a > < br > < a href = "https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2" > https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-7608.html" > https://linux.oracle.com/cve/CVE-2020-7608.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-0548.html" > https://linux.oracle.com/errata/ELSA-2021-0548.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7608" > https://nvd.nist.gov/vuln/detail/CVE-2020-7608< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381" > https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381< / a > < br > < a href = "https://www.npmjs.com/advisories/1500" > https://www.npmjs.com/advisories/1500< / a > < br > < / details > |
**composer**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-03-03 23:48:12 +00:00
| symfony/cache | CVE-2019-18889 | CRITICAL | v4.2.3 | 3.2.0, 3.3.0, 3.4.0, 3.4.35, 4.1.0, 4.2.0, 4.2.12, 4.3.8 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18889" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18889< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-18889.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-18889.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18889.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18889.yaml< / a > < br > < a href = "https://github.com/advisories/GHSA-79gr-58r3-pwm3" > https://github.com/advisories/GHSA-79gr-58r3-pwm3< / a > < br > < a href = "https://github.com/symfony/symfony/commit/8817d28fcaacb31fe01d267f6e19b44d8179395a" > https://github.com/symfony/symfony/commit/8817d28fcaacb31fe01d267f6e19b44d8179395a< / a > < br > < a href = "https://github.com/symfony/symfony/releases/tag/v4.3.8" > https://github.com/symfony/symfony/releases/tag/v4.3.8< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-18889" > https://nvd.nist.gov/vuln/detail/CVE-2019-18889< / a > < br > < a href = "https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances" > https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances< / a > < br > < a href = "https://symfony.com/blog/symfony-4-3-8-released" > https://symfony.com/blog/symfony-4-3-8-released< / a > < br > < a href = "https://symfony.com/cve-2019-18889" > https://symfony.com/cve-2019-18889< / a > < br > < / details > |
| symfony/cache | CVE-2019-10912 | HIGH | v4.2.3 | 3.4.0, 3.4.26, 4.1.0, 4.1.12, 4.2.7, 3.2.0, 3.3.0 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml< / a > < br > < a href = "https://github.com/advisories/GHSA-w2fr-65vp-mxw3" > https://github.com/advisories/GHSA-w2fr-65vp-mxw3< / a > < br > < a href = "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b" > https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10912" > https://nvd.nist.gov/vuln/detail/CVE-2019-10912< / a > < br > < a href = "https://seclists.org/bugtraq/2019/May/21" > https://seclists.org/bugtraq/2019/May/21< / a > < br > < a href = "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized" > https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized< / a > < br > < a href = "https://symfony.com/cve-2019-10912" > https://symfony.com/cve-2019-10912< / a > < br > < a href = "https://typo3.org/security/advisory/typo3-core-sa-2019-016" > https://typo3.org/security/advisory/typo3-core-
| symfony/dependency-injection | CVE-2019-10910 | CRITICAL | v4.2.4 | 3.3.0, 3.4.0, 4.1.0, 4.2.7, 2.7.51, 3.1.0, 3.4.26, 4.1.12, 2.8.50, 3.2.0 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/dependency-injection/CVE-2019-10910.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/dependency-injection/CVE-2019-10910.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/proxy-manager-bridge/CVE-2019-10910.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/proxy-manager-bridge/CVE-2019-10910.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10910.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10910.yaml< / a > < br > < a href = "https://github.com/advisories/GHSA-pgwj-prpq-jpc2" > https://github.com/advisories/GHSA-pgwj-prpq-jpc2< / a > < br > < a href = "https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b" > https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10910" > https://nvd.nist.gov/vuln/detail/CVE-2019-10910< / a > < br > < a href = "https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid" > https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid< / a > < br > < a href = "https://symfony.com/cve-2019-10910" > https://symfony.com/cve-2019-10910< / a > < br > < a href = "https://www.drupal.org/SA-CORE-2019-005" > https://www.drupal.org/SA-CORE-2019-005< / a > < br > < a href = "https://www.synology.com/security/advisory/Synology_SA_19_19" > https://www.synology.com/security/advisory/Synology_SA_19_19< / a > < br > < / details > |
| symfony/framework-bundle | CVE-2019-10909 | MEDIUM | v4.2.3 | 2.7.51, 2.8.50, 3.3.0, 4.2.7, 3.1.0, 3.2.0, 3.4.0, 3.4.26, 4.1.0, 4.1.12 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml< / a > < br > < a href = "https://github.com/advisories/GHSA-g996-q5r8-w7g2" > https://github.com/advisories/GHSA-g996-q5r8-w7g2< / a > < br > < a href = "https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2" > https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10909" > https://nvd.nist.gov/vuln/detail/CVE-2019-10909< / a > < br > < a href = "https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine" > https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine< / a > < br > < a href = "https://symfony.com/cve-2019-10909" > https://symfony.com/cve-2019-10909< / a > < br > < a href = "https://www.drupal.org/SA-CORE-2019-005" > https://www.drupal.org/SA-CORE-2019-005< / a > < br > < a href = "https://www.drupal.org/sa-core-2019-005" > https://www.drupal.org/sa-core-2019-005< / a > < br > < a href = "https://www.synology.com/security/advisory/Synology_SA_19_19" > https://www.synology.com/security/advisory/Synology_SA_19_19< / a > < br > < / details > |
| symfony/http-foundation | CVE-2019-10913 | CRITICAL | v4.2.4 | 2.7.51, 3.2.0, 3.3.0, 4.1.0, 4.1.12, 2.8.50, 3.1.0, 3.4.0, 3.4.26, 4.2.7 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-10913.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-10913.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10913.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10913.yaml< / a > < br > < a href = "https://github.com/advisories/GHSA-x92h-wmg2-6hp7" > https://github.com/advisories/GHSA-x92h-wmg2-6hp7< / a > < br > < a href = "https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec" > https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10913" > https://nvd.nist.gov/vuln/detail/CVE-2019-10913< / a > < br > < a href = "https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides" > https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides< / a > < br > < a href = "https://symfony.com/cve-2019-10913" > https://symfony.com/cve-2019-10913< / a > < br > < / details > |
| symfony/http-foundation | CVE-2019-18888 | HIGH | v4.2.4 | 3.3.0, 3.4.0, 3.4.35, 2.1.0, 2.3.0, 2.8.0, 2.6.0, 2.8.52, 4.2.12, 2.4.0, 2.5.0, 4.2.0, 3.2.0, 4.1.0, 4.3.8, 2.2.0, 2.7.0, 3.1.0 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18888" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18888< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-18888.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-18888.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/mime/CVE-2019-18888.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/mime/CVE-2019-18888.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18888.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18888.yaml< / a > < br > < a href = "https://github.com/advisories/GHSA-xhh6-956q-4q69" > https://github.com/advisories/GHSA-xhh6-956q-4q69< / a > < br > < a href = "https://github.com/symfony/symfony/commit/691486e43ce0e4893cd703e221bafc10a871f365" > https://github.com/symfony/symfony/commit/691486e43ce0e4893cd703e221bafc10a871f365< / a > < br > < a href = "https://github.com/symfony/symfony/commit/77ddabf2e785ea85860d2720cc86f7c5d8967ed5" > https://github.com/symfony/symfony/commit/77ddabf2e785ea85860d2720cc86f7c5d8967ed5< / a > < br > < a href = "https://github.com/symfony/symfony/releases/tag/v4.3.8" > https://github.com/symfony/symfony/releases/tag/v4.3.8< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-18888" > https://nvd.nist.gov/vuln/detail/CVE-2019-18888< / a > < br > < a href = "https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser" > https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser< / a > < br > < a href = "https://symfony.com/blog/symfony-4-3-8-released" > https://symfony.com/blog/symfony-4-3-8-released< / a > < br > < a href = "https://symfony.com/cve-2019-18888" > https://symfony.com/cve-2019-18888< / a > < br > < / details > |
| symfony/http-kernel | CVE-2019-18887 | HIGH | v4.2.4 | 3.4.35, 4.2.12, 4.3.8, 2.8.0, 2.4.0, 3.4.0, 4.1.0, 2.3.0, 2.6.0, 3.2.0, 3.3.0, 4.2.0, 2.5.0, 2.8.52, 3.1.0, 2.7.0 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18887" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18887< / a > < br > < a href = "https://github.com/symfony/symfony/commit/cccefe6a7f12e776df0665aeb77fe9294c285fbb" > https://github.com/symfony/symfony/commit/cccefe6a7f12e776df0665aeb77fe9294c285fbb< / a > < br > < a href = "https://github.com/symfony/symfony/releases/tag/v4.3.8" > https://github.com/symfony/symfony/releases/tag/v4.3.8< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/< / a > < br > < a href = "https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner" > https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner< / a > < br > < a href = "https://symfony.com/blog/symfony-4-3-8-released" > https://symfony.com/blog/symfony-4-3-8-released< / a > < br > < a href = "https://symfony.com/cve-2019-18887" > https://symfony.com/cve-2019-18887< / a > < br > < / details > |
| symfony/var-exporter | CVE-2019-11325 | CRITICAL | v4.2.3 | 4.2.12, 4.3.8 | < details > < summary > Expand...< / summary > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-11325.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-11325.yaml< / a > < br > < a href = "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/var-exporter/CVE-2019-11325.yaml" > https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/var-exporter/CVE-2019-11325.yaml< / a > < br > < a href = "https://github.com/advisories/GHSA-w4rc-rx25-8m86" > https://github.com/advisories/GHSA-w4rc-rx25-8m86< / a > < br > < a href = "https://github.com/symfony/symfony/releases/tag/v4.3.8" > https://github.com/symfony/symfony/releases/tag/v4.3.8< / a > < br > < a href = "https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3" > https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-11325" > https://nvd.nist.gov/vuln/detail/CVE-2019-11325< / a > < br > < a href = "https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter" > https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter< / a > < br > < a href = "https://symfony.com/blog/symfony-4-3-8-released" > https://symfony.com/blog/symfony-4-3-8-released< / a > < br > < a href = "https://symfony.com/cve-2019-11325" > https://symfony.com/cve-2019-11325< / a > < br > < / details > |
2022-02-15 14:42:47 +00:00
| twig/twig | CVE-2022-23614 | HIGH | v2.6.2 | 3.3.8, 2.14.11 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5mv2-rx3q-4w2v" > https://github.com/advisories/GHSA-5mv2-rx3q-4w2v< / a > < br > < a href = "https://github.com/twigphp/Twig/commit/22b9dc3c03ee66d7e21d9ed2ca76052b134cb9e9" > https://github.com/twigphp/Twig/commit/22b9dc3c03ee66d7e21d9ed2ca76052b134cb9e9< / a > < br > < a href = "https://github.com/twigphp/Twig/commit/2eb33080558611201b55079d07ac88f207b466d5" > https://github.com/twigphp/Twig/commit/2eb33080558611201b55079d07ac88f207b466d5< / a > < br > < a href = "https://github.com/twigphp/Twig/security/advisories/GHSA-5mv2-rx3q-4w2v" > https://github.com/twigphp/Twig/security/advisories/GHSA-5mv2-rx3q-4w2v< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2PVV5DUTRUECTIHMTWRI5Z7DVNYQ2YO/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2PVV5DUTRUECTIHMTWRI5Z7DVNYQ2YO/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTN4273U4RHVIXED64T7DSMJ3VYTPRE7/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTN4273U4RHVIXED64T7DSMJ3VYTPRE7/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PECHIY2XLWUH2WLCNPDGNFMPHPRPCEDZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PECHIY2XLWUH2WLCNPDGNFMPHPRPCEDZ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIGZCFSYLPP7UVJ4E4NLHSOQSKYNXSAD/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIGZCFSYLPP7UVJ4E4NLHSOQSKYNXSAD/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23614" > https://nvd.nist.gov/vuln/detail/CVE-2022-23614< / a > < br > < / details > |
| twig/twig | CVE-2019-9942 | LOW | v2.6.2 | 1.38.0, 2.7.0 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9942" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9942< / a > < br > < a href = "https://github.com/twigphp/Twig/commit/eac5422956e1dcca89a3669a03a3ff32f0502077" > https://github.com/twigphp/Twig/commit/eac5422956e1dcca89a3669a03a3ff32f0502077< / a > < br > < a href = "https://seclists.org/bugtraq/2019/Mar/60" > https://seclists.org/bugtraq/2019/Mar/60< / a > < br > < a href = "https://symfony.com/blog/twig-sandbox-information-disclosure" > https://symfony.com/blog/twig-sandbox-information-disclosure< / a > < br > < a href = "https://www.debian.org/security/2019/dsa-4419" > https://www.debian.org/security/2019/dsa-4419< / a > < br > < / details > |