2021-12-12 22:42:29 +00:00
---
hide:
- toc
---
# Security Overview
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
## Helm-Chart
##### Scan Results
#### Chart Object: htpcmanager/templates/common.yaml
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-htpcmanager' of Deployment ' RELEASE-NAME-htpcmanager' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-htpcmanager' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-htpcmanager' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-htpcmanager' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-htpcmanager' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-htpcmanager' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-htpcmanager' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-htpcmanager' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
## Containers
##### Detected Containers
2022-03-26 15:30:42 +00:00
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
2021-12-12 22:42:29 +00:00
tccr.io/truecharts/htpcmanager:v2021.11.17
##### Scan Results
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
**alpine**
2021-12-13 11:05:05 +00:00
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-10 21:17:41 +00:00
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-1642.html" > https://linux.oracle.com/errata/ELSA-2022-1642.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2022-02-06 17:25:51 +00:00
**alpine**
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-05-10 21:17:41 +00:00
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-1642.html" > https://linux.oracle.com/errata/ELSA-2022-1642.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
#### Container: Python
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
**python-pkg**
2021-12-13 11:05:05 +00:00
2022-01-13 17:23:23 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-03-30 20:23:21 +00:00
| Pillow | CVE-2022-22817 | CRITICAL | 8.4.0 | 9.0.0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22817" > https://access.redhat.com/security/cve/CVE-2022-22817< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817< / a > < br > < a href = "https://github.com/advisories/GHSA-8vj2-vxx3-667w" > https://github.com/advisories/GHSA-8vj2-vxx3-667w< / a > < br > < a href = "https://github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11" > https://github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-22817.html" > https://linux.oracle.com/cve/CVE-2022-22817.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0643.html" > https://linux.oracle.com/errata/ELSA-2022-0643.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html" > https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22817" > https://nvd.nist.gov/vuln/detail/CVE-2022-22817< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5227-1" > https://ubuntu.com/security/notices/USN-5227-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5227-2" > https://ubuntu.com/security/notices/USN-5227-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5053" > https://www.debian.org/security/2022/dsa-5053< / a > < br > < / details > |
2022-04-12 17:24:36 +00:00
| Pillow | CVE-2022-24303 | CRITICAL | 8.4.0 | 9.0.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-24303" > https://access.redhat.com/security/cve/CVE-2022-24303< / a > < br > < a href = "https://github.com/advisories/GHSA-9j59-75qj-795w" > https://github.com/advisories/GHSA-9j59-75qj-795w< / a > < br > < a href = "https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26" > https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26< / a > < br > < a href = "https://github.com/python-pillow/Pillow/pull/3450" > https://github.com/python-pillow/Pillow/pull/3450< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W4ZUXPKEX72O3E5IHBPVY5ZCPMJ4GHHV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W4ZUXPKEX72O3E5IHBPVY5ZCPMJ4GHHV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XR6UP2XONXOVXI4446VY72R63YRO2YTP/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XR6UP2XONXOVXI4446VY72R63YRO2YTP/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-24303" > https://nvd.nist.gov/vuln/detail/CVE-2022-24303< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security< / a > < br > < / details > |
2022-05-05 09:00:47 +00:00
| Pillow | CVE-2022-22815 | MEDIUM | 8.4.0 | 9.0.0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22815" > https://access.redhat.com/security/cve/CVE-2022-22815< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815< / a > < br > < a href = "https://github.com/advisories/GHSA-pw3c-h7wp-cvhx" > https://github.com/advisories/GHSA-pw3c-h7wp-cvhx< / a > < br > < a href = "https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331" > https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331< / a > < br > < a href = "https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c" > https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html" > https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22815" > https://nvd.nist.gov/vuln/detail/CVE-2022-22815< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5227-1" > https://ubuntu.com/security/notices/USN-5227-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5227-2" > https://ubuntu.com/security/notices/USN-5227-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5053" > https://www.debian.org/security/2022/dsa-5053< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| Pillow | CVE-2022-22816 | MEDIUM | 8.4.0 | 9.0.0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22816" > https://access.redhat.com/security/cve/CVE-2022-22816< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816< / a > < br > < a href = "https://github.com/advisories/GHSA-xrcv-f9gm-v42c" > https://github.com/advisories/GHSA-xrcv-f9gm-v42c< / a > < br > < a href = "https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331" > https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-22816.html" > https://linux.oracle.com/cve/CVE-2022-22816.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-0643.html" > https://linux.oracle.com/errata/ELSA-2022-0643.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html" > https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22816" > https://nvd.nist.gov/vuln/detail/CVE-2022-22816< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5227-1" > https://ubuntu.com/security/notices/USN-5227-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5227-2" > https://ubuntu.com/security/notices/USN-5227-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5053" > https://www.debian.org/security/2022/dsa-5053< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
| Pillow | GHSA-4fx9-vc88-q2xc | LOW | 8.4.0 | 9.0.0 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-4fx9-vc88-q2xc" > https://github.com/advisories/GHSA-4fx9-vc88-q2xc< / a > < br > < a href = "https://github.com/python-pillow/Pillow/commit/baae9ec4b67c68e3adaf1208cf54e8de5e38a6fd" > https://github.com/python-pillow/Pillow/commit/baae9ec4b67c68e3adaf1208cf54e8de5e38a6fd< / a > < br > < a href = "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#ensure-jpegimageplugin-stops-at-the-end-of-a-truncated-file" > https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#ensure-jpegimageplugin-stops-at-the-end-of-a-truncated-file< / a > < br > < / details > |
2022-04-20 21:21:59 +00:00
| paramiko | CVE-2022-24302 | MEDIUM | 2.8.0 | 2.10.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-24302" > https://access.redhat.com/security/cve/CVE-2022-24302< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24302" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24302< / a > < br > < a href = "https://github.com/advisories/GHSA-f8q4-jwww-x3wv" > https://github.com/advisories/GHSA-f8q4-jwww-x3wv< / a > < br > < a href = "https://github.com/paramiko/paramiko/blob/363a28d94cada17f012c1604a3c99c71a2bda003/paramiko/pkey.py#L546" > https://github.com/paramiko/paramiko/blob/363a28d94cada17f012c1604a3c99c71a2bda003/paramiko/pkey.py#L546< / a > < br > < a href = "https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e" > https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e< / a > < br > < a href = "https://github.com/paramiko/paramiko/releases/tag/2.10.1" > https://github.com/paramiko/paramiko/releases/tag/2.10.1< / a > < br > < a href = "https://github.com/pypa/advisory-database/tree/main/vulns/paramiko/PYSEC-2022-166.yaml" > https://github.com/pypa/advisory-database/tree/main/vulns/paramiko/PYSEC-2022-166.yaml< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/03/msg00032.html" > https://lists.debian.org/debian-lts-announce/2022/03/msg00032.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LUEUEGILZ7MQXRSUF5VMMO4SWJQVPTQL/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LUEUEGILZ7MQXRSUF5VMMO4SWJQVPTQL/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPMKRUS4HO3P7NR7P4Y6CLHB4MBEE3AI/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPMKRUS4HO3P7NR7P4Y6CLHB4MBEE3AI/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U63MJ2VOLLQ35R7CYNREUHSXYLWNPVSB/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U63MJ2VOLLQ35R7CYNREUHSXYLWNPVSB/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-24302" > https://nvd.nist.gov/vuln/detail/CVE-2022-24302< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5351-1" > https://ubuntu.com/security/notices/USN-5351-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5351-2" > https://ubuntu.com/security/notices/USN-5351-2< / a > < br > < a href = "https://www.paramiko.org/changelog.html" > https://www.paramiko.org/changelog.html< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
**cargo**
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-03-30 20:23:21 +00:00
| chrono | RUSTSEC-2020-0159 | UNKNOWN | 0.4.19 | | < details > < summary > Expand...< / summary > < a href = "https://crates.io/crates/chrono" > https://crates.io/crates/chrono< / a > < br > < a href = "https://github.com/chronotope/chrono/issues/499" > https://github.com/chronotope/chrono/issues/499< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2020-0159.html" > https://rustsec.org/advisories/RUSTSEC-2020-0159.html< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
**cargo**
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
| No Vulnerabilities found |
|:---------------------------------|
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
**cargo**
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-03-30 20:23:21 +00:00
| crossbeam-deque | CVE-2021-32810 | CRITICAL | 0.7.3 | 0.7.4, 0.8.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-32810" > https://access.redhat.com/security/cve/CVE-2021-32810< / a > < br > < a href = "https://crates.io/crates/crossbeam-deque" > https://crates.io/crates/crossbeam-deque< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810< / a > < br > < a href = "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw" > https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2021-32810.html" > https://linux.oracle.com/cve/CVE-2021-32810.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2021-3841.html" > https://linux.oracle.com/errata/ELSA-2021-3841.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/" > https://lists.fedoraproj
2022-04-20 21:21:59 +00:00
| regex | CVE-2022-24713 | HIGH | 1.3.9 | 1.5.5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-24713" > https://access.redhat.com/security/cve/CVE-2022-24713< / a > < br > < a href = "https://crates.io/crates/regex" > https://crates.io/crates/regex< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713< / a > < br > < a href = "https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e" > https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e< / a > < br > < a href = "https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8" > https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8< / a > < br > < a href = "https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw" > https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-24713.html" > https://linux.oracle.com/cve/CVE-2022-24713.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-1302.html" > https://linux.oracle.com/errata/ELSA-2022-1302.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0013.html" > https://rustsec.org/advisories/RUSTSEC-2022-0013.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5370-1" > https://ubuntu.com/security/notices/USN-5370-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5113" > https://www.debian.org/security/2022/dsa-5113< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5118" > https://www.debian.org/security/2022/dsa-5118< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
**cargo**
2021-12-13 11:05:05 +00:00
2022-01-25 20:07:41 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-20 21:21:59 +00:00
| regex | CVE-2022-24713 | HIGH | 1.2.0 | 1.5.5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-24713" > https://access.redhat.com/security/cve/CVE-2022-24713< / a > < br > < a href = "https://crates.io/crates/regex" > https://crates.io/crates/regex< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713< / a > < br > < a href = "https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e" > https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e< / a > < br > < a href = "https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8" > https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8< / a > < br > < a href = "https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw" > https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-24713.html" > https://linux.oracle.com/cve/CVE-2022-24713.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-1302.html" > https://linux.oracle.com/errata/ELSA-2022-1302.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0013.html" > https://rustsec.org/advisories/RUSTSEC-2022-0013.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5370-1" > https://ubuntu.com/security/notices/USN-5370-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5113" > https://www.debian.org/security/2022/dsa-5113< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5118" > https://www.debian.org/security/2022/dsa-5118< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| thread_local | RUSTSEC-2022-0006 | UNKNOWN | 0.3.6 | 1.1.4 | < details > < summary > Expand...< / summary > < a href = "https://crates.io/crates/thread_local" > https://crates.io/crates/thread_local< / a > < br > < a href = "https://github.com/Amanieu/thread_local-rs/issues/33" > https://github.com/Amanieu/thread_local-rs/issues/33< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0006.html" > https://rustsec.org/advisories/RUSTSEC-2022-0006.html< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
**cargo**
2021-12-13 11:05:05 +00:00
2022-03-26 15:30:42 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-20 21:21:59 +00:00
| regex | CVE-2022-24713 | HIGH | 1.5.4 | 1.5.5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-24713" > https://access.redhat.com/security/cve/CVE-2022-24713< / a > < br > < a href = "https://crates.io/crates/regex" > https://crates.io/crates/regex< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713< / a > < br > < a href = "https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e" > https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e< / a > < br > < a href = "https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8" > https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8< / a > < br > < a href = "https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw" > https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-24713.html" > https://linux.oracle.com/cve/CVE-2022-24713.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-1302.html" > https://linux.oracle.com/errata/ELSA-2022-1302.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/< / a > < br > < a href = "https://rustsec.org/advisories/RUSTSEC-2022-0013.html" > https://rustsec.org/advisories/RUSTSEC-2022-0013.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5370-1" > https://ubuntu.com/security/notices/USN-5370-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5113" > https://www.debian.org/security/2022/dsa-5113< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5118" > https://www.debian.org/security/2022/dsa-5118< / a > < br > < / details > |
2021-12-12 22:42:29 +00:00
**cargo**
2021-12-13 11:05:05 +00:00
2021-12-12 22:42:29 +00:00
| No Vulnerabilities found |
|:---------------------------------|