2021-12-05 00:50:14 +00:00
---
hide:
- toc
---
2021-12-05 23:17:30 +00:00
# Security Overview
2021-12-04 20:11:45 +00:00
2021-12-05 00:50:14 +00:00
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
2021-12-04 20:11:45 +00:00
## Helm-Chart
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Chart Object: wiki/templates/common.yaml
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-05 00:50:14 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-wiki' of Deployment ' RELEASE-NAME-wiki' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-wiki' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV013 | Image tag ' :latest' used | LOW | < details > < summary > Expand...< / summary > It is best to avoid using the ' :latest' image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. < br > < hr > < br > Container ' RELEASE-NAME-wiki' of Deployment ' RELEASE-NAME-wiki' should specify an image tag < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/configuration/overview/#container-images" > https://kubernetes.io/docs/concepts/configuration/overview/#container-images< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv013" > https://avd.aquasec.com/appshield/ksv013< / a > < br > < / details > |
| Kubernetes Security Check | KSV013 | Image tag ' :latest' used | LOW | < details > < summary > Expand...< / summary > It is best to avoid using the ' :latest' image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-wiki' should specify an image tag < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/configuration/overview/#container-images" > https://kubernetes.io/docs/concepts/configuration/overview/#container-images< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv013" > https://avd.aquasec.com/appshield/ksv013< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-wiki' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can bypass Seccomp protection policies. < br > < hr > < br > Container ' RELEASE-NAME-wiki' of Deployment ' RELEASE-NAME-wiki' should specify a seccomp profile < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/" > https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv019" > https://avd.aquasec.com/appshield/ksv019< / a > < br > < / details > |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can bypass Seccomp protection policies. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-wiki' should specify a seccomp profile < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/" > https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv019" > https://avd.aquasec.com/appshield/ksv019< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-wiki' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-wiki' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-wiki' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-wiki' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/wiki:version-900b76a@sha256:26548fe894831ba1fbd7b68da370583363be3f992bd99e71c8b678c2583df951
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2021-12-05 00:50:14 +00:00
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
#### Container: tccr.io/truecharts/wiki:version-900b76a@sha256:26548fe894831ba1fbd7b68da370583363be3f992bd99e71c8b678c2583df951 (alpine 3.11.12)
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2021-12-05 00:50:14 +00:00
| busybox | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42379 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42380 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42381 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42382 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42383 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42384 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42385 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42386 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| busybox | CVE-2021-42374 | MEDIUM | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| openssh | CVE-2021-41617 | HIGH | 8.1_p1-r0 | 8.1_p1-r1 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.suse.com/show_bug.cgi?id=1190975" > https://bugzilla.suse.com/show_bug.cgi?id=1190975< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-41617.html" > https://linux.oracle.com/cve/CVE-2021-41617.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4782.html" > https://linux.oracle.com/errata/ELSA-2021-4782.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211014-0004/" > https://security.netapp.com/advisory/ntap-20211014-0004/< / a > < br > < a href = "https://www.openssh.com/security.html" > https://www.openssh.com/security.html< / a > < br > < a href = "https://www.openssh.com/txt/release-8.8" > https://www.openssh.com/txt/release-8.8< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/09/26/1" > https://www.openwall.com/lists/oss-security/2021/09/26/1< / a > < br > < / details > |
| openssh-client | CVE-2021-41617 | HIGH | 8.1_p1-r0 | 8.1_p1-r1 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.suse.com/show_bug.cgi?id=1190975" > https://bugzilla.suse.com/show_bug.cgi?id=1190975< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-41617.html" > https://linux.oracle.com/cve/CVE-2021-41617.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4782.html" > https://linux.oracle.com/errata/ELSA-2021-4782.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211014-0004/" > https://security.netapp.com/advisory/ntap-20211014-0004/< / a > < br > < a href = "https://www.openssh.com/security.html" > https://www.openssh.com/security.html< / a > < br > < a href = "https://www.openssh.com/txt/release-8.8" > https://www.openssh.com/txt/release-8.8< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/09/26/1" > https://www.openwall.com/lists/oss-security/2021/09/26/1< / a > < br > < / details > |
| openssh-keygen | CVE-2021-41617 | HIGH | 8.1_p1-r0 | 8.1_p1-r1 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.suse.com/show_bug.cgi?id=1190975" > https://bugzilla.suse.com/show_bug.cgi?id=1190975< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-41617.html" > https://linux.oracle.com/cve/CVE-2021-41617.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4782.html" > https://linux.oracle.com/errata/ELSA-2021-4782.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211014-0004/" > https://security.netapp.com/advisory/ntap-20211014-0004/< / a > < br > < a href = "https://www.openssh.com/security.html" > https://www.openssh.com/security.html< / a > < br > < a href = "https://www.openssh.com/txt/release-8.8" > https://www.openssh.com/txt/release-8.8< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/09/26/1" > https://www.openwall.com/lists/oss-security/2021/09/26/1< / a > < br > < / details > |
| openssh-server | CVE-2021-41617 | HIGH | 8.1_p1-r0 | 8.1_p1-r1 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.suse.com/show_bug.cgi?id=1190975" > https://bugzilla.suse.com/show_bug.cgi?id=1190975< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-41617.html" > https://linux.oracle.com/cve/CVE-2021-41617.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4782.html" > https://linux.oracle.com/errata/ELSA-2021-4782.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211014-0004/" > https://security.netapp.com/advisory/ntap-20211014-0004/< / a > < br > < a href = "https://www.openssh.com/security.html" > https://www.openssh.com/security.html< / a > < br > < a href = "https://www.openssh.com/txt/release-8.8" > https://www.openssh.com/txt/release-8.8< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/09/26/1" > https://www.openwall.com/lists/oss-security/2021/09/26/1< / a > < br > < / details > |
| openssh-server-common | CVE-2021-41617 | HIGH | 8.1_p1-r0 | 8.1_p1-r1 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.suse.com/show_bug.cgi?id=1190975" > https://bugzilla.suse.com/show_bug.cgi?id=1190975< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-41617.html" > https://linux.oracle.com/cve/CVE-2021-41617.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4782.html" > https://linux.oracle.com/errata/ELSA-2021-4782.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211014-0004/" > https://security.netapp.com/advisory/ntap-20211014-0004/< / a > < br > < a href = "https://www.openssh.com/security.html" > https://www.openssh.com/security.html< / a > < br > < a href = "https://www.openssh.com/txt/release-8.8" > https://www.openssh.com/txt/release-8.8< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/09/26/1" > https://www.openwall.com/lists/oss-security/2021/09/26/1< / a > < br > < / details > |
| openssh-sftp-server | CVE-2021-41617 | HIGH | 8.1_p1-r0 | 8.1_p1-r1 | < details > < summary > Expand...< / summary > < a href = "https://bugzilla.suse.com/show_bug.cgi?id=1190975" > https://bugzilla.suse.com/show_bug.cgi?id=1190975< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-41617.html" > https://linux.oracle.com/cve/CVE-2021-41617.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-4782.html" > https://linux.oracle.com/errata/ELSA-2021-4782.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211014-0004/" > https://security.netapp.com/advisory/ntap-20211014-0004/< / a > < br > < a href = "https://www.openssh.com/security.html" > https://www.openssh.com/security.html< / a > < br > < a href = "https://www.openssh.com/txt/release-8.8" > https://www.openssh.com/txt/release-8.8< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/09/26/1" > https://www.openwall.com/lists/oss-security/2021/09/26/1< / a > < br > < / details > |
| ssl_client | CVE-2021-42378 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42379 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42380 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42381 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42382 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42383 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42384 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42385 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r10 | 1.31.1-r11 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
**node-pkg**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2021-12-05 00:50:14 +00:00
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < / details > |
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 5.0.1, 6.0.1 | < details > < summary > Expand...< / summary > < a href = "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908" > https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908< / a > < br > < a href = "https://github.com/advisories/GHSA-93q8-gq69-wqmw" > https://github.com/advisories/GHSA-93q8-gq69-wqmw< / a > < br > < a href = "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9" > https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311< / a > < br > < a href = "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774" > https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774< / a > < br > < a href = "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" > https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" > https://nvd.nist.gov/vuln/detail/CVE-2021-3807< / a > < br > < / details > |
| apollo-server | GHSA-qm7x-rc44-rrqw | HIGH | 2.18.2 | 3.4.1, 2.25.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-qm7x-rc44-rrqw" > https://github.com/advisories/GHSA-qm7x-rc44-rrqw< / a > < br > < a href = "https://github.com/apollographql/apollo-server/security/advisories/GHSA-qm7x-rc44-rrqw" > https://github.com/apollographql/apollo-server/security/advisories/GHSA-qm7x-rc44-rrqw< / a > < br > < / details > |
| aws-sdk | CVE-2020-28472 | CRITICAL | 2.778.0 | 2.814.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-rrc9-gqf8-8rwg" > https://github.com/advisories/GHSA-rrc9-gqf8-8rwg< / a > < br > < a href = "https://github.com/aws/aws-sdk-js-v3/commit/a209082dff913939672bb069964b33aa4c5409a9" > https://github.com/aws/aws-sdk-js-v3/commit/a209082dff913939672bb069964b33aa4c5409a9< / a > < br > < a href = "https://github.com/aws/aws-sdk-js/pull/3585/commits/7d72aff2a941173733fcb6741b104cd83d3bc611" > https://github.com/aws/aws-sdk-js/pull/3585/commits/7d72aff2a941173733fcb6741b104cd83d3bc611< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-28472" > https://nvd.nist.gov/vuln/detail/CVE-2020-28472< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1059426" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1059426< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059425" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059425< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-AWSSDK-1059424" > https://snyk.io/vuln/SNYK-JS-AWSSDK-1059424< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-AWSSDKSHAREDINIFILELOADER-1049304" > https://snyk.io/vuln/SNYK-JS-AWSSDKSHAREDINIFILELOADER-1049304< / a > < br > < / details > |
| css-what | CVE-2021-33587 | HIGH | 4.0.0 | 5.0.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-q8pj-2vqx-8ggc" > https://github.com/advisories/GHSA-q8pj-2vqx-8ggc< / a > < br > < a href = "https://github.com/fb55/css-what/commit/4cdaacfd0d4b6fd00614be030da0dea6c2994655" > https://github.com/fb55/css-what/commit/4cdaacfd0d4b6fd00614be030da0dea6c2994655< / a > < br > < a href = "https://github.com/fb55/css-what/releases/tag/v5.0.1" > https://github.com/fb55/css-what/releases/tag/v5.0.1< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-33587" > https://nvd.nist.gov/vuln/detail/CVE-2021-33587< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210706-0007/" > https://security.netapp.com/advisory/ntap-20210706-0007/< / a > < br > < / details > |
| express-brute | GHSA-984p-xq9m-4rjw | MEDIUM | 1.0.1 | | < details > < summary > Expand...< / summary > < a href = "https://github.com/AdamPflug/express-brute/issues/46" > https://github.com/AdamPflug/express-brute/issues/46< / a > < br > < a href = "https://github.com/advisories/GHSA-984p-xq9m-4rjw" > https://github.com/advisories/GHSA-984p-xq9m-4rjw< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-EXPRESSBRUTE-174457" > https://snyk.io/vuln/SNYK-JS-EXPRESSBRUTE-174457< / a > < br > < a href = "https://www.npmjs.com/advisories/823" > https://www.npmjs.com/advisories/823< / a > < br > < / details > |
| highlight.js | GHSA-7wwv-vh3v-89cq | MEDIUM | 10.2.1 | 10.4.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-7wwv-vh3v-89cq" > https://github.com/advisories/GHSA-7wwv-vh3v-89cq< / a > < br > < a href = "https://github.com/highlightjs/highlight.js/commit/373b9d862401162e832ce77305e49b859e110f9c" > https://github.com/highlightjs/highlight.js/commit/373b9d862401162e832ce77305e49b859e110f9c< / a > < br > < a href = "https://github.com/highlightjs/highlight.js/security/advisories/GHSA-7wwv-vh3v-89cq" > https://github.com/highlightjs/highlight.js/security/advisories/GHSA-7wwv-vh3v-89cq< / a > < br > < a href = "https://www.npmjs.com/package/@highlightjs/cdn-assets" > https://www.npmjs.com/package/@highlightjs/cdn-assets< / a > < br > < a href = "https://www.npmjs.com/package/highlight.js" > https://www.npmjs.com/package/highlight.js< / a > < br > < / details > |
| highlight.js | GHSA-7wwv-vh3v-89cq | MEDIUM | 10.3.1 | 10.4.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-7wwv-vh3v-89cq" > https://github.com/advisories/GHSA-7wwv-vh3v-89cq< / a > < br > < a href = "https://github.com/highlightjs/highlight.js/commit/373b9d862401162e832ce77305e49b859e110f9c" > https://github.com/highlightjs/highlight.js/commit/373b9d862401162e832ce77305e49b859e110f9c< / a > < br > < a href = "https://github.com/highlightjs/highlight.js/security/advisories/GHSA-7wwv-vh3v-89cq" > https://github.com/highlightjs/highlight.js/security/advisories/GHSA-7wwv-vh3v-89cq< / a > < br > < a href = "https://www.npmjs.com/package/@highlightjs/cdn-assets" > https://www.npmjs.com/package/@highlightjs/cdn-assets< / a > < br > < a href = "https://www.npmjs.com/package/highlight.js" > https://www.npmjs.com/package/highlight.js< / a > < br > < / details > |
| json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-896r-f27r-55mw" > https://github.com/advisories/GHSA-896r-f27r-55mw< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741" > https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a" > https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a< / a > < br > < a href = "https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa" > https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa< / a > < br > < a href = "https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9" > https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3918" > https://nvd.nist.gov/vuln/detail/CVE-2021-3918< / a > < br > < / details > |
| node-fetch | CVE-2020-15168 | MEDIUM | 1.7.3 | 3.0.0-beta.9, 2.6.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-w7rc-rwvf-8q5r" > https://github.com/advisories/GHSA-w7rc-rwvf-8q5r< / a > < br > < a href = "https://github.com/node-fetch/node-fetch/security/advisories/GHSA-w7rc-rwvf-8q5r" > https://github.com/node-fetch/node-fetch/security/advisories/GHSA-w7rc-rwvf-8q5r< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-15168" > https://nvd.nist.gov/vuln/detail/CVE-2020-15168< / a > < br > < a href = "https://www.npmjs.com/package/node-fetch" > https://www.npmjs.com/package/node-fetch< / a > < br > < / details > |
| node-uuid | CVE-2015-8851 | HIGH | 1.4.1 | > =1.4.4 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2016/04/13/8" > http://www.openwall.com/lists/oss-security/2016/04/13/8< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1327056" > https://bugzilla.redhat.com/show_bug.cgi?id=1327056< / a > < br > < a href = "https://github.com/advisories/GHSA-265q-28rp-chq5" > https://github.com/advisories/GHSA-265q-28rp-chq5< / a > < br > < a href = "https://github.com/broofa/node-uuid/commit/672f3834ed02c798aa021c618d0a5666c8da000d" > https://github.com/broofa/node-uuid/commit/672f3834ed02c798aa021c618d0a5666c8da000d< / a > < br > < a href = "https://github.com/broofa/node-uuid/issues/108" > https://github.com/broofa/node-uuid/issues/108< / a > < br > < a href = "https://github.com/broofa/node-uuid/issues/122" > https://github.com/broofa/node-uuid/issues/122< / a > < br > < a href = "https://nodesecurity.io/advisories/93" > https://nodesecurity.io/advisories/93< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2015-8851" > https://nvd.nist.gov/vuln/detail/CVE-2015-8851< / a > < br > < a href = "https://www.npmjs.com/advisories/93" > https://www.npmjs.com/advisories/93< / a > < br > < / details > |
| nodemailer | CVE-2020-7769 | CRITICAL | 6.4.14 | 6.4.16 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7769" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7769< / a > < br > < a href = "https://github.com/advisories/GHSA-48ww-j4fc-435p" > https://github.com/advisories/GHSA-48ww-j4fc-435p< / a > < br > < a href = "https://github.com/nodemailer/nodemailer/blob/33b62e2ea6bc9215c99a9bb4bfba94e2fb27ebd0/lib/sendmail-transport/index.js#L75" > https://github.com/nodemailer/nodemailer/blob/33b62e2ea6bc9215c99a9bb4bfba94e2fb27ebd0/lib/sendmail-transport/index.js#L75< / a > < br > < a href = "https://github.com/nodemailer/nodemailer/blob/33b62e2ea6bc9215c99a9bb4bfba94e2fb27ebd0/lib/sendmail-transport/index.js%23L75" > https://github.com/nodemailer/nodemailer/blob/33b62e2ea6bc9215c99a9bb4bfba94e2fb27ebd0/lib/sendmail-transport/index.js%23L75< / a > < br > < a href = "https://github.com/nodemailer/nodemailer/commit/ba31c64c910d884579875c52d57ac45acc47aa54" > https://github.com/nodemailer/nodemailer/commit/ba31c64c910d884579875c52d57ac45acc47aa54< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-7769" > https://nvd.nist.gov/vuln/detail/CVE-2020-7769< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1039742" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1039742< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-NODEMAILER-1038834" > https://snyk.io/vuln/SNYK-JS-NODEMAILER-1038834< / a > < br > < a href = "https://www.npmjs.com/package/nodemailer" > https://www.npmjs.com/package/nodemailer< / a > < br > < / details > |
| objection | CVE-2021-3766 | CRITICAL | 2.2.3 | 2.2.16 | < details > < summary > Expand...< / summary > < a href = "https://github.com/Vincit/objection.js/commit/46b842a6bc897198b83f41ac85c92864b991d7e9" > https://github.com/Vincit/objection.js/commit/46b842a6bc897198b83f41ac85c92864b991d7e9< / a > < br > < a href = "https://github.com/advisories/GHSA-r659-8xfp-j327" > https://github.com/advisories/GHSA-r659-8xfp-j327< / a > < br > < a href = "https://github.com/vincit/objection.js/commit/b41aab8dcd78f426f7468dcda541a7aca18a66a6" > https://github.com/vincit/objection.js/commit/b41aab8dcd78f426f7468dcda541a7aca18a66a6< / a > < br > < a href = "https://huntr.dev/bounties/c98e0f0e-ebf2-4072-be73-a1848ea031cc" > https://huntr.dev/bounties/c98e0f0e-ebf2-4072-be73-a1848ea031cc< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-3766" > https://nvd.nist.gov/vuln/detail/CVE-2021-3766< / a > < br > < / details > |
| passport-oauth2 | CVE-2021-41580 | MEDIUM | 1.2.0 | 1.6.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-f794-r6xc-hf3v" > https://github.com/advisories/GHSA-f794-r6xc-hf3v< / a > < br > < a href = "https://github.com/jaredhanson/passport-oauth2/commit/8e3bcdff145a2219033bd782fc517229fe3e05ea" > https://github.com/jaredhanson/passport-oauth2/commit/8e3bcdff145a2219033bd782fc517229fe3e05ea< / a > < br > < a href = "https://github.com/jaredhanson/passport-oauth2/compare/v1.6.0...v1.6.1" > https://github.com/jaredhanson/passport-oauth2/compare/v1.6.0...v1.6.1< / a > < br > < a href = "https://github.com/jaredhanson/passport-oauth2/pull/144" > https://github.com/jaredhanson/passport-oauth2/pull/144< / a > < br > < a href = "https://medium.com/passportjs/no-access-token-no-service-7fb017c9e262" > https://medium.com/passportjs/no-access-token-no-service-7fb017c9e262< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-41580" > https://nvd.nist.gov/vuln/detail/CVE-2021-41580< / a > < br > < / details > |
| passport-oauth2 | CVE-2021-41580 | MEDIUM | 1.5.0 | 1.6.1 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-f794-r6xc-hf3v" > https://github.com/advisories/GHSA-f794-r6xc-hf3v< / a > < br > < a href = "https://github.com/jaredhanson/passport-oauth2/commit/8e3bcdff145a2219033bd782fc517229fe3e05ea" > https://github.com/jaredhanson/passport-oauth2/commit/8e3bcdff145a2219033bd782fc517229fe3e05ea< / a > < br > < a href = "https://github.com/jaredhanson/passport-oauth2/compare/v1.6.0...v1.6.1" > https://github.com/jaredhanson/passport-oauth2/compare/v1.6.0...v1.6.1< / a > < br > < a href = "https://github.com/jaredhanson/passport-oauth2/pull/144" > https://github.com/jaredhanson/passport-oauth2/pull/144< / a > < br > < a href = "https://medium.com/passportjs/no-access-token-no-service-7fb017c9e262" > https://medium.com/passportjs/no-access-token-no-service-7fb017c9e262< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-41580" > https://nvd.nist.gov/vuln/detail/CVE-2021-41580< / a > < br > < / details > |
| passport-saml | CVE-2021-39171 | HIGH | 1.3.5 | 3.1.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5379-r78w-42h2" > https://github.com/advisories/GHSA-5379-r78w-42h2< / a > < br > < a href = "https://github.com/node-saml/passport-saml/pull/595" > https://github.com/node-saml/passport-saml/pull/595< / a > < br > < a href = "https://github.com/node-saml/passport-saml/security/advisories/GHSA-5379-r78w-42h2" > https://github.com/node-saml/passport-saml/security/advisories/GHSA-5379-r78w-42h2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-39171" > https://nvd.nist.gov/vuln/detail/CVE-2021-39171< / a > < br > < / details > |
| ssh2 | CVE-2020-26301 | CRITICAL | 0.8.9 | 1.4.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-652h-xwhf-q4h6" > https://github.com/advisories/GHSA-652h-xwhf-q4h6< / a > < br > < a href = "https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21" > https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-26301" > https://nvd.nist.gov/vuln/detail/CVE-2020-26301< / a > < br > < a href = "https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/" > https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/< / a > < br > < a href = "https://www.npmjs.com/package/ssh2" > https://www.npmjs.com/package/ssh2< / a > < br > < / details > |
| striptags | CVE-2021-32696 | MEDIUM | 3.1.1 | 3.2.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-qxg5-2qff-p49r" > https://github.com/advisories/GHSA-qxg5-2qff-p49r< / a > < br > < a href = "https://github.com/ericnorris/striptags/commit/f252a6b0819499cd65403707ebaf5cc925f2faca" > https://github.com/ericnorris/striptags/commit/f252a6b0819499cd65403707ebaf5cc925f2faca< / a > < br > < a href = "https://github.com/ericnorris/striptags/releases/tag/v3.2.0" > https://github.com/ericnorris/striptags/releases/tag/v3.2.0< / a > < br > < a href = "https://github.com/ericnorris/striptags/security/advisories/GHSA-qxg5-2qff-p49r" > https://github.com/ericnorris/striptags/security/advisories/GHSA-qxg5-2qff-p49r< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32696" > https://nvd.nist.gov/vuln/detail/CVE-2021-32696< / a > < br > < a href = "https://www.npmjs.com/package/striptags" > https://www.npmjs.com/package/striptags< / a > < br > < / details > |
| tar | CVE-2021-32803 | HIGH | 2.2.2 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20" > https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw" > https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32803.html" > https://linux.oracle.com/cve/CVE-2021-32803.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32803" > https://nvd.nist.gov/vuln/detail/CVE-2021-32803< / a > < br > < a href = "https://www.npmjs.com/advisories/1771" > https://www.npmjs.com/advisories/1771< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-32804 | HIGH | 2.2.2 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4" > https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9" > https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32804.html" > https://linux.oracle.com/cve/CVE-2021-32804.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3666.html" > https://linux.oracle.com/errata/ELSA-2021-3666.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32804" > https://nvd.nist.gov/vuln/detail/CVE-2021-32804< / a > < br > < a href = "https://www.npmjs.com/advisories/1770" > https://www.npmjs.com/advisories/1770< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37701 | HIGH | 2.2.2 | 6.1.7, 5.0.8, 4.4.16 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-9r2w-394v-53qc" > https://github.com/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc" > https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37701" > https://nvd.nist.gov/vuln/detail/CVE-2021-37701< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1779" > https://www.npmjs.com/advisories/1779< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37712 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-qq89-hq3f-393p" > https://github.com/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p" > https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37712" > https://nvd.nist.gov/vuln/detail/CVE-2021-37712< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5008" > https://www.debian.org/security/2021/dsa-5008< / a > < br > < a href = "https://www.npmjs.com/advisories/1780" > https://www.npmjs.com/advisories/1780< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| tar | CVE-2021-37713 | HIGH | 2.2.2 | 6.1.9, 5.0.10, 4.4.18 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5955-9wpr-37jh" > https://github.com/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh" > https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37713" > https://nvd.nist.gov/vuln/detail/CVE-2021-37713< / a > < br > < a href = "https://www.npmjs.com/package/tar" > https://www.npmjs.com/package/tar< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| underscore | CVE-2021-23358 | HIGH | 1.6.0 | 1.12.1 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358< / a > < br > < a href = "https://github.com/advisories/GHSA-cf4h-3jhx-xvhq" > https://github.com/advisories/GHSA-cf4h-3jhx-xvhq< / a > < br > < a href = "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71" > https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71< / a > < br > < a href = "https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66" > https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66< / a > < br > < a href = "https://github.com/jashkenas/underscore/pull/2917" > https://github.com/jashkenas/underscore/pull/2917< / a > < br > < a href = "https://github.com/jashkenas/underscore/releases/tag/1.12.1" > https://github.com/jashkenas/underscore/releases/tag/1.12.1< / a > < br > < a href = "https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html" > https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23358" > https://nvd.nist.gov/vuln/detail/CVE-2021-23358< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984" > https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4913-1" > https://ubuntu.com/security/notices/USN-4913-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4913-2" > https://ubuntu.com/security/notices/USN-4913-2< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-4883" > https://www.debian.org/security/2021/dsa-4883< / a > < br > < a href = "https://www.npmjs.com/package/underscore" > https://www.npmjs.com/package/unders
| underscore | CVE-2021-23358 | HIGH | 1.8.3 | 1.12.1 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358< / a > < br > < a href = "https://github.com/advisories/GHSA-cf4h-3jhx-xvhq" > https://github.com/advisories/GHSA-cf4h-3jhx-xvhq< / a > < br > < a href = "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71" > https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71< / a > < br > < a href = "https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66" > https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66< / a > < br > < a href = "https://github.com/jashkenas/underscore/pull/2917" > https://github.com/jashkenas/underscore/pull/2917< / a > < br > < a href = "https://github.com/jashkenas/underscore/releases/tag/1.12.1" > https://github.com/jashkenas/underscore/releases/tag/1.12.1< / a > < br > < a href = "https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E" > https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html" > https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23358" > https://nvd.nist.gov/vuln/detail/CVE-2021-23358< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503" > https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984" > https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4913-1" > https://ubuntu.com/security/notices/USN-4913-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4913-2" > https://ubuntu.com/security/notices/USN-4913-2< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-4883" > https://www.debian.org/security/2021/dsa-4883< / a > < br > < a href = "https://www.npmjs.com/package/underscore" > https://www.npmjs.com/package/unders
| ws | CVE-2021-32640 | MEDIUM | 7.4.5 | 5.2.3, 6.2.2, 7.4.6 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-6fc8-4gx4-v693" > https://github.com/advisories/GHSA-6fc8-4gx4-v693< / a > < br > < a href = "https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff" > https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff< / a > < br > < a href = "https://github.com/websockets/ws/issues/1895" > https://github.com/websockets/ws/issues/1895< / a > < br > < a href = "https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693" > https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693< / a > < br > < a href = "https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E" > https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32640" > https://nvd.nist.gov/vuln/detail/CVE-2021-32640< / a > < br > < / details > |
| xmldom | CVE-2021-21366 | MEDIUM | 0.1.31 | 0.5.0 | < details > < summary > Expand...< / summary > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21366" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21366< / a > < br > < a href = "https://github.com/advisories/GHSA-h6q6-9hqw-rwfv" > https://github.com/advisories/GHSA-h6q6-9hqw-rwfv< / a > < br > < a href = "https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135" > https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135< / a > < br > < a href = "https://github.com/xmldom/xmldom/releases/tag/0.5.0" > https://github.com/xmldom/xmldom/releases/tag/0.5.0< / a > < br > < a href = "https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv" > https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-21366" > https://nvd.nist.gov/vuln/detail/CVE-2021-21366< / a > < br > < a href = "https://www.npmjs.com/package/xmldom" > https://www.npmjs.com/package/xmldom< / a > < br > < / details > |
| xmldom | CVE-2021-32796 | MEDIUM | 0.1.31 | | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-5fg8-2547-mr8q" > https://github.com/advisories/GHSA-5fg8-2547-mr8q< / a > < br > < a href = "https://github.com/xmldom/xmldom/commit/7b4b743917a892d407356e055b296dcd6d107e8b" > https://github.com/xmldom/xmldom/commit/7b4b743917a892d407356e055b296dcd6d107e8b< / a > < br > < a href = "https://github.com/xmldom/xmldom/security/advisories/GHSA-5fg8-2547-mr8q" > https://github.com/xmldom/xmldom/security/advisories/GHSA-5fg8-2547-mr8q< / a > < br > < a href = "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/" > https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/< / a > < br > < a href = "https://mattermost.com/blog/securing-xml-implementations-across-the-web/" > https://mattermost.com/blog/securing-xml-implementations-across-the-web/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-32796" > https://nvd.nist.gov/vuln/detail/CVE-2021-32796< / a > < br > < a href = "https://www.npmjs.com/package/@xmldom/xmldom" > https://www.npmjs.com/package/@xmldom/xmldom< / a > < br > < / details > |