2021-12-05 00:50:14 +00:00
---
hide:
- toc
---
2021-12-05 23:17:30 +00:00
# Security Overview
2021-12-04 20:11:45 +00:00
2021-12-05 00:50:14 +00:00
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
2021-12-04 20:11:45 +00:00
## Helm-Chart
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Chart Object: overseerr/templates/common.yaml
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-05 00:50:14 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-overseerr' of Deployment ' RELEASE-NAME-overseerr' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-overseerr' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-overseerr' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-overseerr' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-overseerr' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-overseerr' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
2021-12-21 18:46:27 +00:00
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-overseerr' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
## Containers
##### Detected Containers
2022-03-26 15:30:42 +00:00
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
2022-01-03 21:51:45 +00:00
tccr.io/truecharts/overseerr:v1.28.0@sha256:50cd1bf4ba1fcc5a0fd040ff6a529557470e5c2d1dc5e6d40f144b40ca1607a0
2021-12-04 20:11:45 +00:00
##### Scan Results
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2021-12-05 00:50:14 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-03 16:31:59 +00:00
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2021-12-05 00:50:14 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-03 16:31:59 +00:00
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/overseerr:v1.28.0@sha256:50cd1bf4ba1fcc5a0fd040ff6a529557470e5c2d1dc5e6d40f144b40ca1607a0 (alpine 3.14.3)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-03 16:31:59 +00:00
| libcrypto1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0778" > https://access.redhat.com/security/cve/CVE-2022-0778< / a > < br > < a href = "https://crates.io/crates/openssl-src" > https://crates.io/crates/openssl-src< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9258.html" > https://linux.oracle.com/errata/ELSA-2022-9258.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" > https://nvd.nist.gov/vuln/detail/CVE-2022-0778< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" > https://rustsec.org/advisories/RUSTSEC-2022-0014.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-1" > https://ubuntu.com/security/notices/USN-5328-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-2" > https://ubuntu.com/security/notices/USN-5328-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5103" > https://www.debian.org/security/2022/dsa-5103< / a > < br > < a href = "https://www.openssl.org/news/secadv/20220315.txt" > https://www.openssl.org/news/secadv/20220315.txt< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-06" > https://www.tenable.com/security/tns-2022-06< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-07" > https://www.tenable.com/security/tns-2022-07< / a > < br > < / details > |
| libretls | CVE-2022-0778 | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0778" > https://access.redhat.com/security/cve/CVE-2022-0778< / a > < br > < a href = "https://crates.io/crates/openssl-src" > https://crates.io/crates/openssl-src< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9258.html" > https://linux.oracle.com/errata/ELSA-2022-9258.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" > https://nvd.nist.gov/vuln/detail/CVE-2022-0778< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" > https://rustsec.org/advisories/RUSTSEC-2022-0014.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-1" > https://ubuntu.com/security/notices/USN-5328-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-2" > https://ubuntu.com/security/notices/USN-5328-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5103" > https://www.debian.org/security/2022/dsa-5103< / a > < br > < a href = "https://www.openssl.org/news/secadv/20220315.txt" > https://www.openssl.org/news/secadv/20220315.txt< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-06" > https://www.tenable.com/security/tns-2022-06< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-07" > https://www.tenable.com/security/tns-2022-07< / a > < br > < / details > |
| libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0778" > https://access.redhat.com/security/cve/CVE-2022-0778< / a > < br > < a href = "https://crates.io/crates/openssl-src" > https://crates.io/crates/openssl-src< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83< / a > < br > < a href = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" > https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-0778.html" > https://linux.oracle.com/cve/CVE-2022-0778.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-9258.html" > https://linux.oracle.com/errata/ELSA-2022-9258.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" > https://nvd.nist.gov/vuln/detail/CVE-2022-0778< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" > https://rustsec.org/advisories/RUSTSEC-2022-0014.html< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220321-0002/" > https://security.netapp.com/advisory/ntap-20220321-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-1" > https://ubuntu.com/security/notices/USN-5328-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5328-2" > https://ubuntu.com/security/notices/USN-5328-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5103" > https://www.debian.org/security/2022/dsa-5103< / a > < br > < a href = "https://www.openssl.org/news/secadv/20220315.txt" > https://www.openssl.org/news/secadv/20220315.txt< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-06" > https://www.tenable.com/security/tns-2022-06< / a > < br > < a href = "https://www.tenable.com/security/tns-2022-07" > https://www.tenable.com/security/tns-2022-07< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
2021-12-04 20:11:45 +00:00
**node-pkg**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-03-30 20:23:21 +00:00
| ansi-regex | CVE-2021-3807 | MEDIUM | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-3807" > https://access.redhat.com/security/cve/CVE-2021-3807< / a > < br > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://github.com/chalk/ansi-regex/releases/tag/v6.0.1" > https://github.com/chalk/ansi-regex/releases/tag/v6.0.1< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3807.html" > https://linux.oracle.com/cve/CVE-2021-3807.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < / details > |
| ansi-regex | CVE-2021-3807 | MEDIUM | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-3807" > https://access.redhat.com/security/cve/CVE-2021-3807< / a > < br > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://github.com/chalk/ansi-regex/releases/tag/v6.0.1" > https://github.com/chalk/ansi-regex/releases/tag/v6.0.1< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3807.html" > https://linux.oracle.com/cve/CVE-2021-3807.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < / details > |
| ansi-regex | CVE-2021-3807 | MEDIUM | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-3807" > https://access.redhat.com/security/cve/CVE-2021-3807< / a > < br > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://github.com/chalk/ansi-regex/releases/tag/v6.0.1" > https://github.com/chalk/ansi-regex/releases/tag/v6.0.1< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3807.html" > https://linux.oracle.com/cve/CVE-2021-3807.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < / details > |
| color-string | CVE-2021-29060 | MEDIUM | 1.5.3 | 1.5.5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-29060" > https://access.redhat.com/security/cve/CVE-2021-29060< / a > < br > < a href = "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3" > https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3< / a > < br > < a href = "https://github.com/Qix-/color-string/releases/tag/1.5.5" > https://github.com/Qix-/color-string/releases/tag/1.5.5< / a > < br > < a href = "https://github.com/advisories/GHSA-257v-vj4p-3w2h" > https://github.com/advisories/GHSA-257v-vj4p-3w2h< / a > < br > < a href = "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md" > https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md< / a > < br > < a href = "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js" > https://github.com/yetingli/SaveResults/blob/main/js/color-string.js< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-29060" > https://nvd.nist.gov/vuln/detail/CVE-2021-29060< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939" > https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939< / a > < br > < a href = "https://www.npmjs.com/package/color-string" > https://www.npmjs.com/package/color-string< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| elliptic | CVE-2020-28498 | MEDIUM | 6.5.3 | 6.5.4 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-r9p9-mrjm-926w" > https://github.com/advisories/GHSA-r9p9-mrjm-926w< / a > < br > < a href = "https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md" > https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md< / a > < br > < a href = "https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f" > https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f< / a > < br > < a href = "https://github.com/indutny/elliptic/pull/244/commits" > https://github.com/indutny/elliptic/pull/244/commits< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28498" > https://nvd.nist.gov/vuln/detail/CVE-2020-28498< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1069836" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1069836< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899" > https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899< / a > < br > < a href = "https://www.npmjs.com/package/elliptic" > https://www.npmjs.com/package/elliptic< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| follow-redirects | CVE-2022-0155 | HIGH | 1.14.4 | 1.14.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0155" > https://access.redhat.com/security/cve/CVE-2022-0155< / a > < br > < a href = "https://github.com/advisories/GHSA-74fj-2j2h-c42q" > https://github.com/advisories/GHSA-74fj-2j2h-c42q< / a > < br > < a href = "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22" > https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22< / a > < br > < a href = "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406" > https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0155" > https://nvd.nist.gov/vuln/detail/CVE-2022-0155< / a > < br > < / details > |
| follow-redirects | CVE-2022-0536 | MEDIUM | 1.14.4 | 1.14.8 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0536" > https://access.redhat.com/security/cve/CVE-2022-0536< / a > < br > < a href = "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c" > https://github.com/advisories/GHSA-pw2r-vq6v-hr8c< / a > < br > < a href = "https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445" > https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445< / a > < br > < a href = "https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db" > https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0536" > https://nvd.nist.gov/vuln/detail/CVE-2022-0536< / a > < br > < / details > |
| glob-parent | CVE-2020-28469 | HIGH | 5.1.1 | 5.1.2 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-28469" > https://access.redhat.com/security/cve/CVE-2020-28469< / a > < br > < a href = "https://github.com/advisories/GHSA-ww39-953v-wcq6" > https://github.com/advisories/GHSA-ww39-953v-wcq6< / a > < br > < a href = "https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9" > https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9< / a > < br > < a href = "https://github.com/gulpjs/glob-parent/pull/36" > https://github.com/gulpjs/glob-parent/pull/36< / a > < br > < a href = "https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2" > https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-28469.html" > https://linux.oracle.com/cve/CVE-2020-28469.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" > https://nvd.nist.gov/vuln/detail/CVE-2020-28469< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" > https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < / details > |
| json-schema | CVE-2021-3918 | MEDIUM | 0.2.3 | 0.4.0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-3918" > https://access.redhat.com/security/cve/CVE-2021-3918< / a > < br > < a href = "https://github.com/advisories/GHSA-896r-f27r-55mw" > https://github.com/advisories/GHSA-896r-f27r-55mw< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741" > https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a" > https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa" > https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa< / a > < br > < a href = "https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9" > https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-3918.html" > https://linux.oracle.com/cve/CVE-2021-3918.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3918" > https://nvd.nist.gov/vuln/detail/CVE-2021-3918< / a > < br > < / details > |
| lodash-es | CVE-2021-23337 | HIGH | 4.17.20 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-23337" > https://access.redhat.com/security/cve/CVE-2021-23337< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337< / a > < br > < a href = "https://github.com/advisories/GHSA-35jh-r3h4-6jhm" > https://github.com/advisories/GHSA-35jh-r3h4-6jhm< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851< / a > < br > < a href = "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851" > https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851< / a > < br > < a href = "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c" > https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23337" > https://nvd.nist.gov/vuln/detail/CVE-2021-23337< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1040724" > https://snyk.io/vuln/SNYK-JS-LODASH-1040724< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| lodash-es | CVE-2020-28500 | MEDIUM | 4.17.20 | 4.17.21 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-28500" > https://access.redhat.com/security/cve/CVE-2020-28500< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500< / a > < br > < a href = "https://github.com/advisories/GHSA-29mw-wpgm-hmr9" > https://github.com/advisories/GHSA-29mw-wpgm-hmr9< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8< / a > < br > < a href = "https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8" > https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065" > https://github.com/lodash/lodash/pull/5065< / a > < br > < a href = "https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7" > https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28500" > https://nvd.nist.gov/vuln/detail/CVE-2020-28500< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210312-0006/" > https://security.netapp.com/advisory/ntap-20210312-0006/< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896" > https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-LODASH-1018905" > https://snyk.io/vuln/SNYK-JS-LODASH-1018905< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| minimist | CVE-2021-44906 | HIGH | 1.2.5 | 1.2.6 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-44906" > https://access.redhat.com/security/cve/CVE-2021-44906< / a > < br > < a href = "https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip" > https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip< / a > < br > < a href = "https://github.com/advisories/GHSA-xvch-5gv4-984h" > https://github.com/advisories/GHSA-xvch-5gv4-984h< / a > < br > < a href = "https://github.com/substack/minimist/blob/master/index.js#L69" > https://github.com/substack/minimist/blob/master/index.js#L69< / a > < br > < a href = "https://github.com/substack/minimist/issues/164" > https://github.com/substack/minimist/issues/164< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" > https://nvd.nist.gov/vuln/detail/CVE-2021-44906< / a > < br > < a href = "https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" > https://snyk.io/vuln/SNYK-JS-MINIMIST-559764< / a > < br > < a href = "https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068" > https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068< / a > < br > < / details > |
| nanoid | CVE-2021-23566 | MEDIUM | 3.1.23 | 3.1.31 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-23566" > https://access.redhat.com/security/cve/CVE-2021-23566< / a > < br > < a href = "https://gist.github.com/artalar/bc6d1eb9a3477d15d2772e876169a444" > https://gist.github.com/artalar/bc6d1eb9a3477d15d2772e876169a444< / a > < br > < a href = "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2" > https://github.com/advisories/GHSA-qrpm-p2h7-hrv2< / a > < br > < a href = "https://github.com/ai/nanoid/commit/2b7bd9332bc49b6330c7ddb08e5c661833db2575" > https://github.com/ai/nanoid/commit/2b7bd9332bc49b6330c7ddb08e5c661833db2575< / a > < br > < a href = "https://github.com/ai/nanoid/pull/328" > https://github.com/ai/nanoid/pull/328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23566" > https://nvd.nist.gov/vuln/detail/CVE-2021-23566< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2332550" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2332550< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-NANOID-2332193" > https://snyk.io/vuln/SNYK-JS-NANOID-2332193< / a > < br > < / details > |
2021-12-14 20:47:51 +00:00
| next | CVE-2021-43803 | HIGH | 11.1.2 | 11.1.3, 12.0.5 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-25mp-g6fv-mqxx" > https://github.com/advisories/GHSA-25mp-g6fv-mqxx< / a > < br > < a href = "https://github.com/vercel/next.js/commit/6d98b4fb4315dec1badecf0e9bdc212a4272b264" > https://github.com/vercel/next.js/commit/6d98b4fb4315dec1badecf0e9bdc212a4272b264< / a > < br > < a href = "https://github.com/vercel/next.js/pull/32080" > https://github.com/vercel/next.js/pull/32080< / a > < br > < a href = "https://github.com/vercel/next.js/releases/tag/v11.1.3" > https://github.com/vercel/next.js/releases/tag/v11.1.3< / a > < br > < a href = "https://github.com/vercel/next.js/releases/v12.0.5" > https://github.com/vercel/next.js/releases/v12.0.5< / a > < br > < a href = "https://github.com/vercel/next.js/security/advisories/GHSA-25mp-g6fv-mqxx" > https://github.com/vercel/next.js/security/advisories/GHSA-25mp-g6fv-mqxx< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-43803" > https://nvd.nist.gov/vuln/detail/CVE-2021-43803< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| next | CVE-2022-23646 | MEDIUM | 11.1.2 | 12.1.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-fmvm-x8mv-47mj" > https://github.com/advisories/GHSA-fmvm-x8mv-47mj< / a > < br > < a href = "https://github.com/vercel/next.js/pull/34075" > https://github.com/vercel/next.js/pull/34075< / a > < br > < a href = "https://github.com/vercel/next.js/releases/tag/v12.1.0" > https://github.com/vercel/next.js/releases/tag/v12.1.0< / a > < br > < a href = "https://github.com/vercel/next.js/security/advisories/GHSA-fmvm-x8mv-47mj" > https://github.com/vercel/next.js/security/advisories/GHSA-fmvm-x8mv-47mj< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23646" > https://nvd.nist.gov/vuln/detail/CVE-2022-23646< / a > < br > < / details > |
| node-fetch | CVE-2022-0235 | HIGH | 2.6.1 | 2.6.7, 3.1.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0235" > https://access.redhat.com/security/cve/CVE-2022-0235< / a > < br > < a href = "https://github.com/advisories/GHSA-r683-j2x4-v87g" > https://github.com/advisories/GHSA-r683-j2x4-v87g< / a > < br > < a href = "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10" > https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10< / a > < br > < a href = "https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60" > https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60< / a > < br > < a href = "https://github.com/node-fetch/node-fetch/pull/1453" > https://github.com/node-fetch/node-fetch/pull/1453< / a > < br > < a href = "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7" > https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7< / a > < br > < a href = "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/" > https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0235" > https://nvd.nist.gov/vuln/detail/CVE-2022-0235< / a > < br > < / details > |
| nth-check | CVE-2021-3803 | MEDIUM | 1.0.2 | 2.0.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-3803" > https://access.redhat.com/security/cve/CVE-2021-3803< / a > < br > < a href = "https://github.com/advisories/GHSA-rp65-9cf3-cjxr" > https://github.com/advisories/GHSA-rp65-9cf3-cjxr< / a > < br > < a href = "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726" > https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726< / a > < br > < a href = "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0" > https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3803" > https://nvd.nist.gov/vuln/detail/CVE-2021-3803< / a > < br > < / details > |
| path-parse | CVE-2021-23343 | MEDIUM | 1.0.6 | 1.0.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-23343" > https://access.redhat.com/security/cve/CVE-2021-23343< / a > < br > < a href = "https://github.com/advisories/GHSA-hj48-42vr-x3v9" > https://github.com/advisories/GHSA-hj48-42vr-x3v9< / a > < br > < a href = "https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7" > https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7< / a > < br > < a href = "https://github.com/jbgutierrez/path-parse/issues/8" > https://github.com/jbgutierrez/path-parse/issues/8< / a > < br > < a href = "https://github.com/jbgutierrez/path-parse/pull/10" > https://github.com/jbgutierrez/path-parse/pull/10< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-23343.html" > https://linux.oracle.com/cve/CVE-2021-23343.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23343" > https://nvd.nist.gov/vuln/detail/CVE-2021-23343< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067" > https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
| swagger-ui-dist | CVE-2021-46708 | MEDIUM | 3.32.5 | 4.1.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-6c9x-mj3g-h47x" > https://github.com/advisories/GHSA-6c9x-mj3g-h47x< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-46708" > https://nvd.nist.gov/vuln/detail/CVE-2021-46708< / a > < br > < a href = "https://security.snyk.io/vuln/SNYK-JS-SWAGGERUIDIST-2314884" > https://security.snyk.io/vuln/SNYK-JS-SWAGGERUIDIST-2314884< / a > < br > < a href = "https://www.npmjs.com/package/swagger-ui-dist/v/4.1.3" > https://www.npmjs.com/package/swagger-ui-dist/v/4.1.3< / a > < br > < / details > |
2021-12-11 14:41:32 +00:00
| swagger-ui-dist | GHSA-qrmm-w75w-3wpx | MEDIUM | 3.32.5 | 4.1.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-qrmm-w75w-3wpx" > https://github.com/advisories/GHSA-qrmm-w75w-3wpx< / a > < br > < a href = "https://github.com/swagger-api/swagger-ui/commit/01a3e55960f864a0acf6a8d06e5ddaf6776a7f76" > https://github.com/swagger-api/swagger-ui/commit/01a3e55960f864a0acf6a8d06e5ddaf6776a7f76< / a > < br > < a href = "https://github.com/swagger-api/swagger-ui/issues/4872" > https://github.com/swagger-api/swagger-ui/issues/4872< / a > < br > < a href = "https://github.com/swagger-api/swagger-ui/security/advisories/GHSA-qrmm-w75w-3wpx" > https://github.com/swagger-api/swagger-ui/security/advisories/GHSA-qrmm-w75w-3wpx< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| tar | CVE-2021-32803 | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-32803" > https://access.redhat.com/security/cve/CVE-2021-32803< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20" > https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32803.html" > https://linux.oracle.com/cve/CVE-2021-32803.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32803" > https://nvd.nist.gov/vuln/detail/CVE-2021-32803< / a > < br > < a href = "https://www.npmjs.com/advisories/1771" > https://www.npmjs.com/advisories/1771< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-32804 | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-32804" > https://access.redhat.com/security/cve/CVE-2021-32804< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4" > https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32804.html" > https://linux.oracle.com/cve/CVE-2021-32804.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32804" > https://nvd.nist.gov/vuln/detail/CVE-2021-32804< / a > < br > < a href = "https://www.npmjs.com/advisories/1770" > https://www.npmjs.com/advisories/1770< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37701 | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37701" > https://access.redhat.com/security/cve/CVE-2021-37701< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-9r2w-394v-53qc" > https://github.com/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc" > https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37701.html" > https://linux.oracle.com/cve/CVE-2021-37701.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37701" > https://nvd.nist.gov/vuln/detail/CVE-2021-37701< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1779" > https://www.npmjs.com/advisories/1779< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37712 | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37712" > https://access.redhat.com/security/cve/CVE-2021-37712< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-qq89-hq3f-393p" > https://github.com/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p" > https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37712.html" > https://linux.oracle.com/cve/CVE-2021-37712.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37712" > https://nvd.nist.gov/vuln/detail/CVE-2021-37712< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1780" > https://www.npmjs.com/advisories/1780< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37713 | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37713" > https://access.redhat.com/security/cve/CVE-2021-37713< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-5955-9wpr-37jh" > https://github.com/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh" > https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37713" > https://nvd.nist.gov/vuln/detail/CVE-2021-37713< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-32803 | HIGH | 6.1.0 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-32803" > https://access.redhat.com/security/cve/CVE-2021-32803< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20" > https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32803.html" > https://linux.oracle.com/cve/CVE-2021-32803.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32803" > https://nvd.nist.gov/vuln/detail/CVE-2021-32803< / a > < br > < a href = "https://www.npmjs.com/advisories/1771" > https://www.npmjs.com/advisories/1771< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-32804 | HIGH | 6.1.0 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-32804" > https://access.redhat.com/security/cve/CVE-2021-32804< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4" > https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32804.html" > https://linux.oracle.com/cve/CVE-2021-32804.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32804" > https://nvd.nist.gov/vuln/detail/CVE-2021-32804< / a > < br > < a href = "https://www.npmjs.com/advisories/1770" > https://www.npmjs.com/advisories/1770< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37701 | HIGH | 6.1.0 | 6.1.7, 5.0.8, 4.4.16 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37701" > https://access.redhat.com/security/cve/CVE-2021-37701< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-9r2w-394v-53qc" > https://github.com/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc" > https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37701.html" > https://linux.oracle.com/cve/CVE-2021-37701.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37701" > https://nvd.nist.gov/vuln/detail/CVE-2021-37701< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1779" > https://www.npmjs.com/advisories/1779< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37712 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37712" > https://access.redhat.com/security/cve/CVE-2021-37712< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-qq89-hq3f-393p" > https://github.com/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p" > https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-37712.html" > https://linux.oracle.com/cve/CVE-2021-37712.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0350.html" > https://linux.oracle.com/errata/ELSA-2022-0350.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37712" > https://nvd.nist.gov/vuln/detail/CVE-2021-37712< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1780" > https://www.npmjs.com/advisories/1780< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37713 | HIGH | 6.1.0 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37713" > https://access.redhat.com/security/cve/CVE-2021-37713< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf< / a > < br > < a href = "https://github.com/advisories/GHSA-5955-9wpr-37jh" > https://github.com/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh" > https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37713" > https://nvd.nist.gov/vuln/detail/CVE-2021-37713< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |