2021-12-05 00:50:14 +00:00
---
hide:
- toc
---
2021-12-05 23:17:30 +00:00
# Security Overview
2021-12-04 20:11:45 +00:00
2021-12-05 00:50:14 +00:00
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
2021-12-04 20:11:45 +00:00
## Helm-Chart
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Chart Object: organizr/templates/common.yaml
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-05 00:50:14 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-06-21 09:20:23 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' RELEASE-NAME-organizr' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv001" > https://avd.aquasec.com/misconfig/ksv001< / a > < br > < / details > |
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv001" > https://avd.aquasec.com/misconfig/ksv001< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-organizr' of Deployment ' RELEASE-NAME-organizr' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv003" > https://avd.aquasec.com/misconfig/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-organizr' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv003" > https://avd.aquasec.com/misconfig/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-organizr' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv012" > https://avd.aquasec.com/misconfig/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv012" > https://avd.aquasec.com/misconfig/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-organizr' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv014" > https://avd.aquasec.com/misconfig/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv014" > https://avd.aquasec.com/misconfig/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv017" > https://avd.aquasec.com/misconfig/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' RELEASE-NAME-organizr' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv020" > https://avd.aquasec.com/misconfig/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv020" > https://avd.aquasec.com/misconfig/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' RELEASE-NAME-organizr' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv021" > https://avd.aquasec.com/misconfig/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-organizr' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv021" > https://avd.aquasec.com/misconfig/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | < details > < summary > Expand...< / summary > The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. < br > < hr > < br > Either Pod or Container should set ' securityContext.seccompProfile.type' to ' RuntimeDefault' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv030" > https://avd.aquasec.com/misconfig/ksv030< / a > < br > < / details > |
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | < details > < summary > Expand...< / summary > The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. < br > < hr > < br > Either Pod or Container should set ' securityContext.seccompProfile.type' to ' RuntimeDefault' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv030" > https://avd.aquasec.com/misconfig/ksv030< / a > < br > < / details > |
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root UID. < br > < hr > < br > securityContext.runAsUser should be set to a value greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv105" > https://avd.aquasec.com/misconfig/ksv105< / a > < br > < / details > |
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root UID. < br > < hr > < br > securityContext.runAsUser should be set to a value greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv105" > https://avd.aquasec.com/misconfig/ksv105< / a > < br > < / details > |
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | < details > < summary > Expand...< / summary > Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. < br > < hr > < br > container should drop all < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv106" > https://avd.aquasec.com/misconfig/ksv106< / a > < br > < / details > |
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | < details > < summary > Expand...< / summary > Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. < br > < hr > < br > container should drop all < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/misconfig/ksv106" > https://avd.aquasec.com/misconfig/ksv106< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
## Containers
##### Detected Containers
2022-06-21 09:20:23 +00:00
tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
2022-05-09 07:43:30 +00:00
tccr.io/truecharts/organizr:latest@sha256:96480dd4af2fe39608da37c463a03e8d48fd4431a543250cf496a7941e0d3904
2021-12-04 20:11:45 +00:00
##### Scan Results
2022-06-21 09:20:23 +00:00
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
2021-12-05 00:50:14 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2022-06-21 09:20:23 +00:00
| No Vulnerabilities found |
|:---------------------------------|
2021-12-05 00:50:14 +00:00
2022-05-09 07:43:30 +00:00
#### Container: tccr.io/truecharts/organizr:latest@sha256:96480dd4af2fe39608da37c463a03e8d48fd4431a543250cf496a7941e0d3904 (alpine 3.15.2)
2021-12-05 00:50:14 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-06-25 14:48:36 +00:00
| apache2-utils | CVE-2022-28615 | CRITICAL | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/9" > http://www.openwall.com/lists/oss-security/2022/06/08/9< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-28615" > https://access.redhat.com/security/cve/CVE-2022-28615< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-1" > https://ubuntu.com/security/notices/USN-5487-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-2" > https://ubuntu.com/security/notices/USN-5487-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-3" > https://ubuntu.com/security/notices/USN-5487-3< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/06/08/9" > https://www.openwall.com/lists/oss-security/2022/06/08/9< / a > < br > < / details > |
| apache2-utils | CVE-2022-31813 | CRITICAL | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/8" > http://www.openwall.com/lists/oss-security/2022/06/08/8< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-31813" > https://access.redhat.com/security/cve/CVE-2022-31813< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813< / a > < br > < a href = "https://github.com/apache/httpd/pull/320" > https://github.com/apache/httpd/pull/320< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-1" > https://ubuntu.com/security/notices/USN-5487-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-2" > https://ubuntu.com/security/notices/USN-5487-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-3" > https://ubuntu.com/security/notices/USN-5487-3< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/06/08/8" > https://www.openwall.com/lists/oss-security/2022/06/08/8< / a > < br > < / details > |
| apache2-utils | CVE-2022-26377 | HIGH | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/2" > http://www.openwall.com/lists/oss-security/2022/06/08/2< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-26377" > https://access.redhat.com/security/cve/CVE-2022-26377< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-1" > https://ubuntu.com/security/notices/USN-5487-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-2" > https://ubuntu.com/security/notices/USN-5487-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-3" > https://ubuntu.com/security/notices/USN-5487-3< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/06/08/2" > https://www.openwall.com/lists/oss-security/2022/06/08/2< / a > < br > < / details > |
| apache2-utils | CVE-2022-29404 | HIGH | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/5" > http://www.openwall.com/lists/oss-security/2022/06/08/5< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-29404" > https://access.redhat.com/security/cve/CVE-2022-29404< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-1" > https://ubuntu.com/security/notices/USN-5487-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-2" > https://ubuntu.com/security/notices/USN-5487-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-3" > https://ubuntu.com/security/notices/USN-5487-3< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/06/08/5" > https://www.openwall.com/lists/oss-security/2022/06/08/5< / a > < br > < / details > |
| apache2-utils | CVE-2022-30522 | HIGH | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/6" > http://www.openwall.com/lists/oss-security/2022/06/08/6< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-30522" > https://access.redhat.com/security/cve/CVE-2022-30522< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-1" > https://ubuntu.com/security/notices/USN-5487-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-2" > https://ubuntu.com/security/notices/USN-5487-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-3" > https://ubuntu.com/security/notices/USN-5487-3< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/06/08/6" > https://www.openwall.com/lists/oss-security/2022/06/08/6< / a > < br > < / details > |
| apache2-utils | CVE-2022-30556 | HIGH | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/7" > http://www.openwall.com/lists/oss-security/2022/06/08/7< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-30556" > https://access.redhat.com/security/cve/CVE-2022-30556< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-1" > https://ubuntu.com/security/notices/USN-5487-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-2" > https://ubuntu.com/security/notices/USN-5487-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-3" > https://ubuntu.com/security/notices/USN-5487-3< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/06/08/7" > https://www.openwall.com/lists/oss-security/2022/06/08/7< / a > < br > < / details > |
| apache2-utils | CVE-2022-28330 | MEDIUM | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/3" > http://www.openwall.com/lists/oss-security/2022/06/08/3< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-28330" > https://access.redhat.com/security/cve/CVE-2022-28330< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28330" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28330< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < / details > |
| apache2-utils | CVE-2022-28614 | MEDIUM | 2.4.53-r0 | 2.4.54-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/06/08/4" > http://www.openwall.com/lists/oss-security/2022/06/08/4< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-28614" > https://access.redhat.com/security/cve/CVE-2022-28614< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html" > https://httpd.apache.org/security/vulnerabilities_24.html< / a > < br > < a href = "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614" > https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220624-0005/" > https://security.netapp.com/advisory/ntap-20220624-0005/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-1" > https://ubuntu.com/security/notices/USN-5487-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-2" > https://ubuntu.com/security/notices/USN-5487-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5487-3" > https://ubuntu.com/security/notices/USN-5487-3< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/06/08/4" > https://www.openwall.com/lists/oss-security/2022/06/08/4< / a > < br > < / details > |
2022-05-31 20:26:49 +00:00
| apr | CVE-2021-35940.patch | UNKNOWN | 1.7.0-r0 | 1.7.0-r1 | < details > < summary > Expand...< / summary > < / details > |
2022-05-10 21:17:41 +00:00
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| curl | CVE-2022-22576 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22576" > https://nvd.nist.gov/vuln/detail/CVE-2022-22576< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-21 09:20:23 +00:00
| curl | CVE-2022-27775 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://hackerone.com/reports/1546268" > https://hackerone.com/reports/1546268< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27775" > https://nvd.nist.gov/vuln/detail/CVE-2022-27775< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://hackerone.com/reports/1543773" > https://hackerone.com/reports/1543773< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27774" > https://nvd.nist.gov/vuln/detail/CVE-2022-27774< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://hackerone.com/reports/1547048" > https://hackerone.com/reports/1547048< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27776" > https://nvd.nist.gov/vuln/detail/CVE-2022-27776< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-05-17 19:25:52 +00:00
| git | CVE-2022-24765 | HIGH | 2.34.1-r0 | 2.34.2-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/31" > http://seclists.org/fulldisclosure/2022/May/31< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/04/12/7" > http://www.openwall.com/lists/oss-security/2022/04/12/7< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-24765" > https://access.redhat.com/security/cve/CVE-2022-24765< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765< / a > < br > < a href = "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash" > https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash< / a > < br > < a href = "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode" > https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode< / a > < br > < a href = "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2" > https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/< / a > < br > < a href = "https://support.apple.com/kb/HT213261" > https://support.apple.com/kb/HT213261< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5376-1" > https://ubuntu.com/security/notices/USN-5376-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5376-2" > https://ubuntu.com/security/notices/USN-5376-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5376-3" > https://ubuntu.com/security/notices/USN-5376-3< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| libcurl | CVE-2022-22576 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22576" > https://access.redhat.com/security/cve/CVE-2022-22576< / a > < br > < a href = "https://curl.se/docs/CVE-2022-22576.html" > https://curl.se/docs/CVE-2022-22576.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576< / a > < br > < a href = "https://hackerone.com/reports/1526328" > https://hackerone.com/reports/1526328< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22576" > https://nvd.nist.gov/vuln/detail/CVE-2022-22576< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-21 09:20:23 +00:00
| libcurl | CVE-2022-27775 | HIGH | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27775" > https://access.redhat.com/security/cve/CVE-2022-27775< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27775.html" > https://curl.se/docs/CVE-2022-27775.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775< / a > < br > < a href = "https://hackerone.com/reports/1546268" > https://hackerone.com/reports/1546268< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27775" > https://nvd.nist.gov/vuln/detail/CVE-2022-27775< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27774" > https://access.redhat.com/security/cve/CVE-2022-27774< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27774.html" > https://curl.se/docs/CVE-2022-27774.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774< / a > < br > < a href = "https://hackerone.com/reports/1543773" > https://hackerone.com/reports/1543773< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27774" > https://nvd.nist.gov/vuln/detail/CVE-2022-27774< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-27776" > https://access.redhat.com/security/cve/CVE-2022-27776< / a > < br > < a href = "https://curl.se/docs/CVE-2022-27776.html" > https://curl.se/docs/CVE-2022-27776.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776< / a > < br > < a href = "https://hackerone.com/reports/1547048" > https://hackerone.com/reports/1547048< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-27776" > https://nvd.nist.gov/vuln/detail/CVE-2022-27776< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0008/" > https://security.netapp.com/advisory/ntap-20220609-0008/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5397-1" > https://ubuntu.com/security/notices/USN-5397-1< / a > < br > < / details > |
2022-06-11 19:16:07 +00:00
| libldap | CVE-2022-29155 | CRITICAL | 2.6.0-r0 | 2.6.2-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-29155" > https://access.redhat.com/security/cve/CVE-2022-29155< / a > < br > < a href = "https://bugs.openldap.org/show_bug.cgi?id=9815" > https://bugs.openldap.org/show_bug.cgi?id=9815< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-29155" > https://nvd.nist.gov/vuln/detail/CVE-2022-29155< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220609-0007/" > https://security.netapp.com/advisory/ntap-20220609-0007/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5424-1" > https://ubuntu.com/security/notices/USN-5424-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5424-2" > https://ubuntu.com/security/notices/USN-5424-2< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5140" > https://www.debian.org/security/2022/dsa-5140< / a > < br > < / details > |
2022-06-07 18:33:12 +00:00
| libxml2 | CVE-2022-29824 | MEDIUM | 2.9.13-r0 | 2.9.14-r0 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html" > http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-29824" > https://access.redhat.com/security/cve/CVE-2022-29824< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)" > https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14" > https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14< / a > < br > < a href = "https://gitlab.gnome.org/GNOME/libxslt/-/tags" > https://gitlab.gnome.org/GNOME/libxslt/-/tags< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-29824" > https://nvd.nist.gov/vuln/detail/CVE-2022-29824< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5422-1" > https://ubuntu.com/security/notices/USN-5422-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5142" > https://www.debian.org/security/2022/dsa-5142< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| logrotate | CVE-2022-1348 | MEDIUM | 3.18.1-r1 | 3.18.1-r2 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/05/25/3" > http://www.openwall.com/lists/oss-security/2022/05/25/3< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/05/25/4" > http://www.openwall.com/lists/oss-security/2022/05/25/4< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/05/25/5" > http://www.openwall.com/lists/oss-security/2022/05/25/5< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-1348" > https://access.redhat.com/security/cve/CVE-2022-1348< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1348" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1348< / a > < br > < a href = "https://github.com/logrotate/logrotate/blame/master/logrotate.c#L3015-L3017" > https://github.com/logrotate/logrotate/blame/master/logrotate.c#L3015-L3017< / a > < br > < a href = "https://github.com/logrotate/logrotate/commit/f46d0bdfc9c53515c13880c501f4d2e1e7dd8b25" > https://github.com/logrotate/logrotate/commit/f46d0bdfc9c53515c13880c501f4d2e1e7dd8b25< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7EHGYRE6DSFSBXQIWYDGTSXKO6IFSJQ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7EHGYRE6DSFSBXQIWYDGTSXKO6IFSJQ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYEB4F37BY6GLEJKP2EPVAVQ6TA3HQKR/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYEB4F37BY6GLEJKP2EPVAVQ6TA3HQKR/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1348" > https://nvd.nist.gov/vuln/detail/CVE-2022-1348< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5447-1" > https://ubuntu.com/security/notices/USN-5447-1< / a > < br > < / details > |
| pcre2 | CVE-2022-1586 | CRITICAL | 10.39-r0 | 10.40-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1586" > https://access.redhat.com/security/cve/CVE-2022-1586< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2077976," > https://bugzilla.redhat.com/show_bug.cgi?id=2077976,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586< / a > < br > < a href = "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a," > https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,< / a > < br > < a href = "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c" > https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1586" > https://nvd.nist.gov/vuln/detail/CVE-2022-1586< / a > < br > < / details > |
| pcre2 | CVE-2022-1587 | CRITICAL | 10.39-r0 | 10.40-r0 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1587" > https://access.redhat.com/security/cve/CVE-2022-1587< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=2077983," > https://bugzilla.redhat.com/show_bug.cgi?id=2077983,< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587< / a > < br > < a href = "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0" > https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-1587" > https://nvd.nist.gov/vuln/detail/CVE-2022-1587< / a > < br > < / details > |
2022-05-10 21:17:41 +00:00
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-28391" > https://access.redhat.com/security/cve/CVE-2022-28391< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
2022-06-21 09:20:23 +00:00
| xz-libs | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-1537.html" > https://errata.almalinux.org/8/ALSA-2022-1537.html< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2022-1271.html" > https://linux.oracle.com/cve/CVE-2022-1271.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-5052.html" > https://linux.oracle.com/errata/ELSA-2022-5052.html< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
2022-06-14 14:56:43 +00:00
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/May/33" > http://seclists.org/fulldisclosure/2022/May/33< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/35" > http://seclists.org/fulldisclosure/2022/May/35< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/May/38" > http://seclists.org/fulldisclosure/2022/May/38< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://errata.almalinux.org/8/ALSA-2022-2201.html" > https://errata.almalinux.org/8/ALSA-2022-2201.html< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-25032.html" > https://linux.oracle.com/cve/CVE-2018-25032.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2022-2213.html" > https://linux.oracle.com/errata/ELSA-2022-2213.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" > https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220526-0009/" > https://security.netapp.com/advisory/ntap-20220526-0009/< / a > < br > < a href = "https://support.apple.com/kb/HT213255" > https://support.apple.com/kb/HT213255< / a > < br > < a href = "https://support.apple.com/kb/HT213256" > https://support.apple.com/kb/HT213256< / a > < br > < a href = "https://support.apple.com/kb/HT213257" > https://support.apple.com/kb/HT213257< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a
