--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: remmina/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |

Expand...

A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'autopermissions' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.allowPrivilegeEscalation' to false

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001

| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |

Expand...

The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-remmina' of Deployment 'RELEASE-NAME-remmina' should add 'ALL' to 'securityContext.capabilities.drop'

Expand...

https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003

| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |

Expand...

The container should drop all default capabilities and add only those that are needed for its execution.

Container 'autopermissions' of Deployment 'RELEASE-NAME-remmina' should add 'ALL' to 'securityContext.capabilities.drop'

Expand...

https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-remmina' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-remmina' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

Container 'autopermissions' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

Expand...

Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.privileged' to false

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-remmina' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-remmina' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-remmina' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |

Expand...

Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-remmina' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029

| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/remmina:version-1.2.0-rcgit.29dfsg-1ubuntu1@sha256:c7795b9222063e436c77a94436da5e1bcdc1b13891f936673369588830a5ae8d ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391

| | curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://hackerone.com/reports/1526328
https://ubuntu.com/security/notices/USN-5397-1

| | curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://hackerone.com/reports/1543773
https://ubuntu.com/security/notices/USN-5397-1

| | curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://hackerone.com/reports/1547048
https://ubuntu.com/security/notices/USN-5397-1

| | curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://hackerone.com/reports/1546268
https://ubuntu.com/security/notices/USN-5397-1

| | libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |

Expand...

| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |

Expand...

http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-2201.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://security.netapp.com/advisory/ntap-20220526-0009/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3

| #### Container: tccr.io/truecharts/remmina:version-1.2.0-rcgit.29dfsg-1ubuntu1@sha256:c7795b9222063e436c77a94436da5e1bcdc1b13891f936673369588830a5ae8d (ubuntu 18.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | 4.4.18-2ubuntu1.3 |

Expand...

http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://access.redhat.com/security/cve/CVE-2019-18276
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-18276
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://ubuntu.com/security/notices/USN-5380-1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.youtube.com/watch?v=-wGtxJ8opa8

| | coreutils | CVE-2016-2781 | LOW | 8.28-1ubuntu1 | |

Expand...

http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://access.redhat.com/security/cve/CVE-2016-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2781

| | cpp | CVE-2020-13844 | MEDIUM | 1.176ubuntu2.3 | |

Expand...

http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8

| | cpp-7 | CVE-2020-13844 | MEDIUM | 7.5.0-3ubuntu1~18.04 | |

Expand...

Expand...

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-27782
https://curl.se/docs/CVE-2022-27782.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
https://hackerone.com/reports/1555796
https://ubuntu.com/security/notices/USN-5412-1

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-27781
https://curl.se/docs/CVE-2022-27781.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
https://github.com/curl/curl/commit/f6c335d63f
https://hackerone.com/reports/1555441
https://ubuntu.com/security/notices/USN-5412-1

Expand...

https://access.redhat.com/security/cve/CVE-2020-35512
https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
https://ubuntu.com/security/notices/USN-5244-2

Expand...

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://access.redhat.com/security/cve/CVE-2019-13050
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://errata.almalinux.org/8/ALSA-2020-4490.html
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://tech.michaelaltfield.net/2019/07/14/mitigating-poisoned-pgp-certificates/
https://twitter.com/lambdafu/status/1147162583969009664
https://ubuntu.com/security/notices/USN-5431-1

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be
https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html
https://lists.debian.org/debian-security-announce/2022/msg00115.html
https://ubuntu.com/security/notices/USN-5446-1
https://ubuntu.com/security/notices/USN-5446-2

Expand...

https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | gpg | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | 2.2.4-1ubuntu1.5 |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | groff-base | CVE-2009-5080 | LOW | 1.22.3-10 | |

Expand...

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1;r2=1.2;f=h
http://openwall.com/lists/oss-security/2009/08/14/4
http://openwall.com/lists/oss-security/2009/08/14/5
http://www.mandriva.com/security/advisories?name=MDVSA-2013:085
http://www.mandriva.com/security/advisories?name=MDVSA-2013:086
https://access.redhat.com/security/cve/CVE-2009-5080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5080

Expand...

https://access.redhat.com/security/cve/CVE-2022-1271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
https://errata.almalinux.org/8/ALSA-2022-1537.html
https://linux.oracle.com/cve/CVE-2022-1271.html
https://linux.oracle.com/errata/ELSA-2022-2191.html
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
https://ubuntu.com/security/notices/USN-5378-1
https://ubuntu.com/security/notices/USN-5378-2
https://ubuntu.com/security/notices/USN-5378-3
https://ubuntu.com/security/notices/USN-5378-4
https://www.openwall.com/lists/oss-security/2022/04/07/8

Expand...

http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
https://access.redhat.com/security/cve/CVE-2018-20217
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217
https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/
https://security.netapp.com/advisory/ntap-20190416-0006/

Expand...

https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html

Expand...

https://access.redhat.com/security/cve/CVE-2021-37750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-37750.html
https://linux.oracle.com/errata/ELSA-2021-4788.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
https://security.netapp.com/advisory/ntap-20210923-0002/
https://web.mit.edu/kerberos/advisories/

Expand...

https://bugs.launchpad.net/apparmor/+bug/1597017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2016-1585

| | libasn1-8-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455

| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1

| | libavahi-client3 | CVE-2021-26720 | LOW | 0.7-3.1ubuntu1.3 | |

Expand...

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982796
https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1870824
https://bugzilla.suse.com/show_bug.cgi?id=1180827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26720
https://metadata.ftp-master.debian.org/changelogs/main/a/avahi/avahi_0.8-4_changelog
https://nvd.nist.gov/vuln/detail/CVE-2021-26720
https://packages.debian.org/bullseye/avahi-daemon
https://packages.debian.org/buster/avahi-daemon
https://packages.debian.org/sid/avahi-daemon
https://security-tracker.debian.org/tracker/CVE-2021-26720
https://www.openwall.com/lists/oss-security/2021/02/15/2

| | libavahi-common-data | CVE-2021-26720 | LOW | 0.7-3.1ubuntu1.3 | |

Expand...

| | libavahi-common3 | CVE-2021-26720 | LOW | 0.7-3.1ubuntu1.3 | |

Expand...

| | libavahi-glib1 | CVE-2021-26720 | LOW | 0.7-3.1ubuntu1.3 | |

Expand...

| | libavahi-ui-gtk3-0 | CVE-2021-26720 | LOW | 0.7-3.1ubuntu1.3 | |

Expand...

Expand...

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json
https://access.redhat.com/security/cve/CVE-2021-3999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://linux.oracle.com/cve/CVE-2021-3999.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
https://www.openwall.com/lists/oss-security/2022/01/24/4

| | libc-bin | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Expand...

http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
https://access.redhat.com/security/cve/CVE-2009-5155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://security.netapp.com/advisory/ntap-20190315-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=11053
https://sourceware.org/bugzilla/show_bug.cgi?id=18986
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672
https://support.f5.com/csp/article/K64119434
https://support.f5.com/csp/article/K64119434?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4954-1

| | libc-bin | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Expand...

http://www.openwall.com/lists/oss-security/2017/02/14/9
http://www.securityfocus.com/bid/76916
https://access.redhat.com/security/cve/CVE-2015-8985
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8985
https://security.gentoo.org/glsa/201908-06

Expand...

http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://access.redhat.com/security/cve/CVE-2016-10228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpuapr2022.html

| | libc-bin | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://access.redhat.com/security/cve/CVE-2016-10739
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://nvd.nist.gov/vuln/detail/CVE-2016-10739
https://sourceware.org/bugzilla/show_bug.cgi?id=20018

| | libc-bin | CVE-2016-20013 | LOW | 2.27-3ubuntu1.4 | |

Expand...

https://akkadia.org/drepper/SHA-crypt.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013
https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/
https://twitter.com/solardiz/status/795601240151457793

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2020-27618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://nvd.nist.gov/vuln/detail/CVE-2020-27618
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html

Expand...

https://access.redhat.com/security/cve/CVE-2020-29562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
https://ubuntu.com/security/notices/USN-5310-1

Expand...

https://access.redhat.com/security/cve/CVE-2020-6096
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://nvd.nist.gov/vuln/detail/CVE-2020-6096
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://ubuntu.com/security/notices/USN-5310-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019

Expand...

http://www.openwall.com/lists/oss-security/2021/01/28/2
https://access.redhat.com/security/cve/CVE-2021-3326
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3326
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html

Expand...

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json
https://access.redhat.com/security/cve/CVE-2021-35942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://nvd.nist.gov/vuln/detail/CVE-2021-35942
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
https://ubuntu.com/security/notices/USN-5310-1

Expand...

https://access.redhat.com/security/cve/CVE-2022-23218
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://linux.oracle.com/cve/CVE-2022-23218.html
https://linux.oracle.com/errata/ELSA-2022-9421.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2

Expand...

https://access.redhat.com/security/cve/CVE-2022-23219
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://linux.oracle.com/cve/CVE-2022-23219.html
https://linux.oracle.com/errata/ELSA-2022-9421.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2

Expand...

| | libc6 | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Expand...

| | libc6 | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Expand...

Expand...

| | libc6 | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Expand...

| | libc6 | CVE-2016-20013 | LOW | 2.27-3ubuntu1.4 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | libcairo-gobject2 | CVE-2017-7475 | LOW | 1.15.10-2ubuntu0.1 | |

Expand...

http://seclists.org/oss-sec/2017/q2/151
https://access.redhat.com/security/cve/CVE-2017-7475
https://bugs.freedesktop.org/show_bug.cgi?id=100763
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
https://github.com/advisories/GHSA-5v3f-73gv-x7x5
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2017-7475

| | libcairo-gobject2 | CVE-2018-18064 | LOW | 1.15.10-2ubuntu0.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2018-18064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064
https://gitlab.freedesktop.org/cairo/cairo/issues/341
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo-gobject2 | CVE-2019-6461 | LOW | 1.15.10-2ubuntu0.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2019-6461
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/352
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-6461

| | libcairo2 | CVE-2017-7475 | LOW | 1.15.10-2ubuntu0.1 | |

Expand...

| | libcairo2 | CVE-2018-18064 | LOW | 1.15.10-2ubuntu0.1 | |

Expand...

| | libcairo2 | CVE-2019-6461 | LOW | 1.15.10-2ubuntu0.1 | |

Expand...

Expand...

| | libcroco3 | CVE-2017-7960 | LOW | 0.6.12-2 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html
https://access.redhat.com/security/cve/CVE-2017-7960
https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7960
https://git.gnome.org/browse/libcroco/commit/?id=898e3a8c8c0314d2e6b106809a8e3e93cf9d4394
https://security.gentoo.org/glsa/201707-13
https://ubuntu.com/security/notices/USN-5389-1

| | libcroco3 | CVE-2017-8834 | LOW | 0.6.12-2 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html
http://seclists.org/fulldisclosure/2017/Jun/10
http://www.openwall.com/lists/oss-security/2020/08/13/3
https://access.redhat.com/security/cve/CVE-2017-8834
https://bugzilla.gnome.org/show_bug.cgi?id=782647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8834
https://ubuntu.com/security/notices/USN-5389-1
https://www.exploit-db.com/exploits/42147/

| | libcroco3 | CVE-2017-8871 | LOW | 0.6.12-2 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html
http://seclists.org/fulldisclosure/2017/Jun/10
http://www.openwall.com/lists/oss-security/2020/08/13/3
https://access.redhat.com/security/cve/CVE-2017-8871
https://bugzilla.gnome.org/show_bug.cgi?id=782649
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8871
https://ubuntu.com/security/notices/USN-5389-1
https://www.exploit-db.com/exploits/42147/

| | libcroco3 | CVE-2020-12825 | LOW | 0.6.12-2 | |

Expand...

http://www.openwall.com/lists/oss-security/2020/08/13/3
http://www.openwall.com/lists/oss-security/2020/09/08/3
https://access.redhat.com/security/cve/CVE-2020-12825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12825
https://errata.almalinux.org/8/ALSA-2020-3654.html
https://gitlab.gnome.org/GNOME/libcroco/-/issues/8
https://linux.oracle.com/cve/CVE-2020-12825.html
https://linux.oracle.com/errata/ELSA-2020-4072.html
https://ubuntu.com/security/notices/USN-5389-1

Expand...

https://access.redhat.com/security/cve/CVE-2022-26691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26691
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md
https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/
https://openprinting.github.io/cups-2.4.2
https://support.apple.com/en-in/HT213183
https://support.apple.com/en-us/HT213183
https://support.apple.com/en-us/HT213184
https://support.apple.com/en-us/HT213185
https://ubuntu.com/security/notices/USN-5454-1
https://ubuntu.com/security/notices/USN-5454-2
https://www.debian.org/security/2022/dsa-5149

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT210788
https://ubuntu.com/security/notices/USN-5454-1
https://ubuntu.com/security/notices/USN-5454-2

Expand...

https://access.redhat.com/security/cve/CVE-2020-10001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001
https://linux.oracle.com/cve/CVE-2020-10001.html
https://linux.oracle.com/errata/ELSA-2021-4393.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html
https://support.apple.com/en-us/HT212011
https://ubuntu.com/security/notices/USN-5454-1
https://ubuntu.com/security/notices/USN-5454-2

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25235
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
https://github.com/libexpat/libexpat/pull/562
https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)
https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)
https://linux.oracle.com/cve/CVE-2022-25235.html
https://linux.oracle.com/errata/ELSA-2022-9359.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25235
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html

Expand...

http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html
http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25236
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
https://github.com/libexpat/libexpat/pull/561
https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)
https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)
https://github.com/libexpat/libexpat/pull/577
https://linux.oracle.com/cve/CVE-2022-25236.html
https://linux.oracle.com/errata/ELSA-2022-9359.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25236
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-46143
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://linux.oracle.com/cve/CVE-2021-46143.html
https://linux.oracle.com/errata/ELSA-2022-9227.html
https://nvd.nist.gov/vuln/detail/CVE-2021-46143
https://security.netapp.com/advisory/ntap-20220121-0006/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22822.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22822
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22823.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22823
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22824.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22824
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22825.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22825
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22826.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22826
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22827.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22827
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

https://access.redhat.com/security/cve/CVE-2022-23852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
https://linux.oracle.com/cve/CVE-2022-23852.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23852
https://security.netapp.com/advisory/ntap-20220217-0001/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05

Expand...

https://access.redhat.com/security/cve/CVE-2022-23990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
https://linux.oracle.com/cve/CVE-2022-23990.html
https://linux.oracle.com/errata/ELSA-2022-9232.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://nvd.nist.gov/vuln/detail/CVE-2022-23990
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25313
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
https://github.com/libexpat/libexpat/pull/558
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25313
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25314
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://github.com/libexpat/libexpat/pull/560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25314
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25315
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
https://github.com/libexpat/libexpat/pull/559
https://linux.oracle.com/cve/CVE-2022-25315.html
https://linux.oracle.com/errata/ELSA-2022-9359.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25315
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-45960
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://github.com/libexpat/libexpat/issues/531
https://github.com/libexpat/libexpat/pull/534
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
https://linux.oracle.com/cve/CVE-2021-45960.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2021-45960
https://security.netapp.com/advisory/ntap-20220121-0004/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

| | libflac8 | CVE-2020-0499 | LOW | 1.3.2-1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2020-0499
https://android.googlesource.com/platform/external/flac/+/029048f823ced50f63a92e25073427ec3a9bd909%5E%21/#F0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/01/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33W6XZAAEJYRGU3XYHRO7XSYEA7YACUB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNZYTAU5UWBVXVJ4VHDWPR66ZVDLQZRE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPA5GAEKPXKAHGHHBI4X7AFNI4BMOVG3/
https://source.android.com/security/bulletin/pixel/2020-12-01

Expand...

https://access.redhat.com/security/cve/CVE-2022-24882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24882
https://github.com/FreeRDP/FreeRDP/pull/7750
https://github.com/FreeRDP/FreeRDP/releases/tag/2.7.0
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6x5p-gp49-3jhh
https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/95
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AELSWWBAM2YONRPGLWVDY6UNTLJERJYL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOYKBQOHSRM7JQYUIYUWFOXI2JZ2J5RD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZWR6KSIKXO4B2TXBB3WH6YTNYHN46OY/
https://ubuntu.com/security/notices/USN-5461-1

Expand...

https://access.redhat.com/security/cve/CVE-2022-24883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24883
https://github.com/FreeRDP/FreeRDP/commit/4661492e5a617199457c8074bad22f766a116cdc
https://github.com/FreeRDP/FreeRDP/commit/6f473b273a4b6f0cb6aca32b95e22fd0de88e144
https://github.com/FreeRDP/FreeRDP/releases/tag/2.7.0
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qxm3-v2r6-vmwf
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AELSWWBAM2YONRPGLWVDY6UNTLJERJYL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOYKBQOHSRM7JQYUIYUWFOXI2JZ2J5RD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZWR6KSIKXO4B2TXBB3WH6YTNYHN46OY/
https://ubuntu.com/security/notices/USN-5461-1

Expand...

Expand...

Expand...

| | libfreetype6 | CVE-2022-27405 | LOW | 2.8.1-2ubuntu2.1 | |

Expand...

| | libfreetype6 | CVE-2022-27406 | LOW | 2.8.1-2ubuntu2.1 | |

Expand...

| | libfuse2 | CVE-2018-10906 | LOW | 2.9.7-1ubuntu1 | |

Expand...

https://access.redhat.com/errata/RHSA-2018:3324
https://access.redhat.com/security/cve/CVE-2018-10906
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10906
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10906
https://github.com/libfuse/libfuse/pull/268
https://linux.oracle.com/cve/CVE-2018-10906.html
https://linux.oracle.com/errata/ELSA-2020-5773.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XYA6PXT5PPWVK7CM7K4YRCYWA37DODB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A253TZWZK6R7PT2S5JIEAQJR2TYKX7V2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BREAIWIK64DRJWHIGR47L2D5YICY4HQ3/
https://nvd.nist.gov/vuln/detail/CVE-2018-10906
https://sourceforge.net/p/fuse/mailman/message/36374753/
https://ubuntu.com/security/notices/USN-5326-1
https://www.debian.org/security/2018/dsa-4257
https://www.exploit-db.com/exploits/45106/

Expand...

| | libgdk-pixbuf2.0-0 | CVE-2021-44648 | MEDIUM | 2.36.11-2 | |

Expand...

https://access.redhat.com/security/cve/CVE-2021-44648
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/
https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/

| | libgdk-pixbuf2.0-common | CVE-2021-44648 | MEDIUM | 2.36.11-2 | |

Expand...

| | libgif7 | CVE-2020-23922 | LOW | 5.1.4-2ubuntu0.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2020-23922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23922
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://sourceforge.net/p/giflib/bugs/151/

| | libgif7 | CVE-2022-28506 | LOW | 5.1.4-2ubuntu0.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2022-28506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28506
https://github.com/verf1sh/Poc/blob/master/asan_report_giflib.png
https://github.com/verf1sh/Poc/blob/master/giflib_poc
https://nvd.nist.gov/vuln/detail/CVE-2022-28506
https://sourceforge.net/p/giflib/bugs/159/

Expand...

https://access.redhat.com/security/cve/CVE-2021-3800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800
https://linux.oracle.com/cve/CVE-2021-3800.html
https://linux.oracle.com/errata/ELSA-2021-4385.html
https://ubuntu.com/security/notices/USN-5189-1
https://www.openwall.com/lists/oss-security/2017/06/23/8

| | libgnutls30 | CVE-2018-16868 | LOW | 3.5.18-1ubuntu1.5 | |

Expand...

http://cat.eyalro.net/
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00068.html
http://www.securityfocus.com/bid/106080
https://access.redhat.com/security/cve/CVE-2018-16868
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16868

Expand...

Expand...

Expand...

| | libgssapi3-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libhcrypto4-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libheimbase1-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libheimntlm0-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libhx509-5-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libjack-jackd2-0 | CVE-2019-13351 | LOW | 1.9.12~dfsg-2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13351
https://github.com/jackaudio/jack2/pull/480
https://github.com/xbmc/xbmc/issues/16258

| | libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1build1 | |

Expand...

http://bugzilla.maptools.org/show_bug.cgi?id=2707
http://www.securityfocus.com/bid/99304
https://access.redhat.com/security/cve/CVE-2017-9937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libjpeg-turbo8 | CVE-2018-11813 | LOW | 1.5.2-0ubuntu5.18.04.4 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html
http://www.ijg.org/files/jpegsrc.v9d.tar.gz
https://access.redhat.com/errata/RHSA-2019:2052
https://access.redhat.com/security/cve/CVE-2018-11813
https://bugs.gentoo.org/727908
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11813
https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf
https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9c
https://linux.oracle.com/cve/CVE-2018-11813.html
https://linux.oracle.com/errata/ELSA-2019-2052.html

| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 1.5.2-0ubuntu5.18.04.4 | |

Expand...

https://access.redhat.com/security/cve/CVE-2020-17541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17541

Expand...

Expand...

Expand...

| | libkrb5-26-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-29155
https://bugs.openldap.org/show_bug.cgi?id=9815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155
https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html
https://nvd.nist.gov/vuln/detail/CVE-2022-29155
https://ubuntu.com/security/notices/USN-5424-1
https://ubuntu.com/security/notices/USN-5424-2
https://www.debian.org/security/2022/dsa-5140

Expand...

Expand...

| | libncurses5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://access.redhat.com/security/cve/CVE-2019-17594
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://errata.almalinux.org/8/ALSA-2021-4426.html
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | libncurses5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://access.redhat.com/security/cve/CVE-2019-17595
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://errata.almalinux.org/8/ALSA-2021-4426.html
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | libncursesw5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

| | libncursesw5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://access.redhat.com/security/cve/CVE-2019-17595
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://errata.almalinux.org/8/ALSA-2021-4426.html
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html
https://access.redhat.com/errata/RHSA-2019:2692
https://access.redhat.com/errata/RHSA-2019:2745
https://access.redhat.com/errata/RHSA-2019:2746
https://access.redhat.com/errata/RHSA-2019:2775
https://access.redhat.com/errata/RHSA-2019:2799
https://access.redhat.com/errata/RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2949
https://access.redhat.com/errata/RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:2966
https://access.redhat.com/errata/RHSA-2019:3041
https://access.redhat.com/errata/RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3935
https://access.redhat.com/errata/RHSA-2019:4018
https://access.redhat.com/errata/RHSA-2019:4019
https://access.redhat.com/errata/RHSA-2019:4020
https://access.redhat.com/errata/RHSA-2019:4021
https://access.redhat.com/security/cve/CVE-2019-9511
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
https://errata.almalinux.org/8/ALSA-2019-2925.html
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://kb.cert.org/vuls/id/605641/
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
https://linux.oracle.com/cve/CVE-2019-9511.html
https://linux.oracle.com/errata/ELSA-2020-5862.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BP556LEG3WENHZI5TAQ6ZEBFTJB4E2IS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUBYAF6ED3O4XCHQ5C2HYENJLXYXZC4M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZLUYPYY3RX4ZJDWZRJIKSULYRJ4PXW7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPAEC4FWL4UU4LDEGPY5NPALU24FFQD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TAZZEVTCN2B4WT6AIBJ7XGYJMBTORJU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XHTKU7YQ5EEP2XNSAV4M4VJ7QCBOJMOD/
https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2019-9511
https://seclists.org/bugtraq/2019/Aug/40
https://seclists.org/bugtraq/2019/Sep/1
https://security.netapp.com/advisory/ntap-20190823-0002/
https://security.netapp.com/advisory/ntap-20190823-0005/
https://support.f5.com/csp/article/K02591030
https://support.f5.com/csp/article/K02591030?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4099-1
https://usn.ubuntu.com/4099-1/
https://www.debian.org/security/2019/dsa-4505
https://www.debian.org/security/2019/dsa-4511
https://www.debian.org/security/2020/dsa-4669
https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.synology.com/security/advisory/Synology_SA_19_33

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html
https://access.redhat.com/errata/RHSA-2019:2692
https://access.redhat.com/errata/RHSA-2019:2745
https://access.redhat.com/errata/RHSA-2019:2746
https://access.redhat.com/errata/RHSA-2019:2775
https://access.redhat.com/errata/RHSA-2019:2799
https://access.redhat.com/errata/RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2949
https://access.redhat.com/errata/RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:2966
https://access.redhat.com/errata/RHSA-2019:3041
https://access.redhat.com/errata/RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3935
https://access.redhat.com/security/cve/CVE-2019-9513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
https://errata.almalinux.org/8/ALSA-2019-2925.html
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://kb.cert.org/vuls/id/605641/
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
https://linux.oracle.com/cve/CVE-2019-9513.html
https://linux.oracle.com/errata/ELSA-2019-2925.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUBYAF6ED3O4XCHQ5C2HYENJLXYXZC4M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZLUYPYY3RX4ZJDWZRJIKSULYRJ4PXW7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPAEC4FWL4UU4LDEGPY5NPALU24FFQD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TAZZEVTCN2B4WT6AIBJ7XGYJMBTORJU5/
https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/
https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2019-9513
https://seclists.org/bugtraq/2019/Aug/40
https://seclists.org/bugtraq/2019/Sep/1
https://security.netapp.com/advisory/ntap-20190823-0002/
https://security.netapp.com/advisory/ntap-20190823-0005/
https://support.f5.com/csp/article/K02591030
https://support.f5.com/csp/article/K02591030?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4099-1
https://usn.ubuntu.com/4099-1/
https://www.debian.org/security/2019/dsa-4505
https://www.debian.org/security/2019/dsa-4511
https://www.debian.org/security/2020/dsa-4669
https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.synology.com/security/advisory/Synology_SA_19_33

Expand...

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43527.json
https://access.redhat.com/security/cve/CVE-2021-43527
https://bugzilla.mozilla.org/show_bug.cgi?id=1737470
https://cert-portal.siemens.com/productcert/pdf/ssa-594438.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527
https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_68_1_RTM/
https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_73_RTM/
https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
https://linux.oracle.com/cve/CVE-2021-43527.html
https://linux.oracle.com/errata/ELSA-2021-9591.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43527
https://security.netapp.com/advisory/ntap-20211229-0002/
https://ubuntu.com/security/notices/USN-5168-1
https://ubuntu.com/security/notices/USN-5168-2
https://ubuntu.com/security/notices/USN-5168-3
https://ubuntu.com/security/notices/USN-5168-4
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
https://www.mozilla.org/security/advisories/mfsa2021-51/
https://www.oracle.com/security-alerts/cpuapr2022.html

| | libnss3 | CVE-2017-11695 | LOW | 2:3.35-2ubuntu2.12 | |

Expand...

http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html
http://seclists.org/fulldisclosure/2017/Aug/17
http://www.geeknik.net/9brdqk6xu
http://www.securityfocus.com/bid/100345
http://www.securitytracker.com/id/1039153
https://access.redhat.com/security/cve/CVE-2017-11695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11695
https://security.gentoo.org/glsa/202003-37

| | libnss3 | CVE-2017-11696 | LOW | 2:3.35-2ubuntu2.12 | |

Expand...

http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html
http://seclists.org/fulldisclosure/2017/Aug/17
http://www.geeknik.net/9brdqk6xu
http://www.securityfocus.com/bid/100345
http://www.securitytracker.com/id/1039153
https://access.redhat.com/security/cve/CVE-2017-11696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11696
https://security.gentoo.org/glsa/202003-37

| | libnss3 | CVE-2017-11697 | LOW | 2:3.35-2ubuntu2.12 | |

Expand...

http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html
http://seclists.org/fulldisclosure/2017/Aug/17
http://www.geeknik.net/9brdqk6xu
http://www.securityfocus.com/bid/100345
http://www.securitytracker.com/id/1039153
https://access.redhat.com/security/cve/CVE-2017-11697
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11697
https://security.gentoo.org/glsa/202003-37

| | libnss3 | CVE-2017-11698 | LOW | 2:3.35-2ubuntu2.12 | |

Expand...

http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html
http://seclists.org/fulldisclosure/2017/Aug/17
http://www.geeknik.net/9brdqk6xu
http://www.securityfocus.com/bid/100345
http://www.securitytracker.com/id/1039153
https://access.redhat.com/security/cve/CVE-2017-11698
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11698
https://security.gentoo.org/glsa/202003-37

Expand...

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25648.json
https://access.redhat.com/security/cve/CVE-2020-25648
https://bugzilla.redhat.com/show_bug.cgi?id=1887319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
https://linux.oracle.com/cve/CVE-2020-25648.html
https://linux.oracle.com/errata/ELSA-2021-3572.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/
https://ubuntu.com/security/notices/USN-5410-1
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html

| | libnss3 | CVE-2022-22747 | LOW | 2:3.35-2ubuntu2.12 | |

Expand...

https://access.redhat.com/security/cve/CVE-2022-22747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747
https://linux.oracle.com/cve/CVE-2022-22747.html
https://linux.oracle.com/errata/ELSA-2022-0130.html
https://ubuntu.com/security/notices/USN-5229-1
https://ubuntu.com/security/notices/USN-5246-1
https://ubuntu.com/security/notices/USN-5248-1
https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/#CVE-2022-22747

| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-9 | |

Expand...

http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://access.redhat.com/security/cve/CVE-2017-11164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-9 | 2:8.39-9ubuntu0.1 |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2019-20838
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://errata.almalinux.org/8/ALSA-2021-4373.html
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-20838
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://ubuntu.com/security/notices/USN-5425-1
https://www.pcre.org/original/changelog.txt

| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-9 | 2:8.39-9ubuntu0.1 |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://access.redhat.com/security/cve/CVE-2020-14155
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://errata.almalinux.org/8/ALSA-2021-4373.html
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-14155
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://ubuntu.com/security/notices/USN-5425-1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.pcre.org/original/changelog.txt

| | libpng16-16 | CVE-2018-14048 | LOW | 1.6.34-1ubuntu0.18.04.2 | |

Expand...

http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://access.redhat.com/security/cve/CVE-2018-14048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14048
https://github.com/fouzhe/security/tree/master/libpng
https://github.com/glennrp/libpng/issues/238
https://seclists.org/bugtraq/2019/Apr/30
https://security.gentoo.org/glsa/201908-02
https://ubuntu.com/security/notices/USN-5432-1

Expand...

http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4034.json
https://access.redhat.com/security/cve/CVE-2021-4034
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001
https://bugzilla.redhat.com/show_bug.cgi?id=2025869
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034
https://errata.almalinux.org/8/ALSA-2022-0267.html
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683
https://linux.oracle.com/cve/CVE-2021-4034.html
https://linux.oracle.com/errata/ELSA-2022-9073.html
https://nvd.nist.gov/vuln/detail/CVE-2021-4034
https://ubuntu.com/security/notices/USN-5252-1
https://ubuntu.com/security/notices/USN-5252-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://www.suse.com/support/kb/doc/?id=000020564

| | libpolkit-gobject-1-0 | CVE-2016-2568 | LOW | 0.105-20ubuntu0.18.04.5 | |

Expand...

http://seclists.org/oss-sec/2016/q1/443
http://www.openwall.com/lists/oss-security/2016/02/26/3
https://access.redhat.com/security/cve/CVE-2016-2568
https://access.redhat.com/security/cve/cve-2016-2568
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062
https://bugzilla.redhat.com/show_bug.cgi?id=1300746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2568
https://ubuntu.com/security/CVE-2016-2568

Expand...

https://access.redhat.com/security/cve/CVE-2021-4189
https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://errata.almalinux.org/8/ALSA-2022-1986.html
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
https://linux.oracle.com/cve/CVE-2021-4189.html
https://linux.oracle.com/errata/ELSA-2022-1986.html
https://ubuntu.com/security/notices/USN-5342-1

Expand...

https://access.redhat.com/security/cve/CVE-2022-0391
https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://errata.almalinux.org/8/ALSA-2022-1821.html
https://linux.oracle.com/cve/CVE-2022-0391.html
https://linux.oracle.com/errata/ELSA-2022-1821.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://nvd.nist.gov/vuln/detail/CVE-2022-0391
https://security.netapp.com/advisory/ntap-20220225-0009/
https://ubuntu.com/security/notices/USN-5342-1
https://www.oracle.com/security-alerts/cpuapr2022.html

| | libpython2.7-minimal | CVE-2015-20107 | LOW | 2.7.17-1~18.04ubuntu1.6 | |

Expand...

https://access.redhat.com/security/cve/CVE-2015-20107
https://bugs.python.org/issue24778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107
https://github.com/python/cpython/issues/68966
https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80
https://github.com/python/cpython/pull/91993
https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/
https://nvd.nist.gov/vuln/detail/CVE-2015-20107

Expand...

Expand...

| | libpython2.7-stdlib | CVE-2015-20107 | LOW | 2.7.17-1~18.04ubuntu1.6 | |

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2021-3733
https://bugs.python.org/issue43075
https://bugzilla.redhat.com/show_bug.cgi?id=1995234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://errata.almalinux.org/8/ALSA-2022-1821.html
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2022-1821.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3733
https://security.netapp.com/advisory/ntap-20220407-0001/
https://ubuntu.com/security/CVE-2021-3733
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1

Expand...

Expand...

Expand...

| | libpython3.6-minimal | CVE-2015-20107 | LOW | 3.6.9-1~18.04ubuntu1.4 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | libpython3.6-stdlib | CVE-2015-20107 | LOW | 3.6.9-1~18.04ubuntu1.4 | |

Expand...

Expand...

| | libroken18-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | librsvg2-2 | CVE-2019-20446 | LOW | 2.40.20-2ubuntu0.2 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html
https://access.redhat.com/security/cve/CVE-2019-20446
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20446
https://gitlab.gnome.org/GNOME/librsvg/issues/515
https://linux.oracle.com/cve/CVE-2019-20446.html
https://linux.oracle.com/errata/ELSA-2020-4709.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/
https://ubuntu.com/security/notices/USN-4436-1
https://ubuntu.com/security/notices/USN-4436-2
https://usn.ubuntu.com/4436-1/

| | librsvg2-common | CVE-2019-20446 | LOW | 2.40.20-2ubuntu0.2 | |

Expand...

Expand...

http://www.openwall.com/lists/oss-security/2022/02/23/4
https://access.redhat.com/security/cve/CVE-2022-24407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-9239.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00002.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FIXU75Q6RBNK6UYM7MQ3TCFGXR7AX4U/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H26R4SMGM3WHXX4XYNNJB4YGFIL5UNF4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZC6BMPI3V3MC2IGNLN377ETUWO7QBIH/
https://nvd.nist.gov/vuln/detail/CVE-2022-24407
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
https://www.debian.org/security/2022/dsa-5087

Expand...

Expand...

| | libsepol1 | CVE-2021-36084 | LOW | 2.7-1 | 2.7-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36084
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1

| | libsepol1 | CVE-2021-36085 | LOW | 2.7-1 | 2.7-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36085
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1

| | libsepol1 | CVE-2021-36086 | LOW | 2.7-1 | 2.7-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1

| | libsepol1 | CVE-2021-36087 | LOW | 2.7-1 | 2.7-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36087
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
https://ubuntu.com/security/notices/USN-5391-1

| | libsndfile1 | CVE-2021-4156 | LOW | 1.0.28-4ubuntu0.18.04.2 | |

Expand...

https://access.redhat.com/security/cve/CVE-2021-4156
https://bugzilla.redhat.com/show_bug.cgi?id=2027690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4156
https://errata.almalinux.org/8/ALSA-2022-1968.html
https://github.com/libsndfile/libsndfile/issues/731
https://github.com/libsndfile/libsndfile/pull/732/commits/4c30646abf7834e406f7e2429c70bc254e18beab
https://linux.oracle.com/cve/CVE-2021-4156.html
https://linux.oracle.com/errata/ELSA-2022-1968.html
https://ubuntu.com/security/notices/USN-5409-1

Expand...

https://access.redhat.com/security/cve/CVE-2020-23903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23903
https://github.com/xiph/speex/issues/13
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LXCRAYNW5ESCE2PIGTUXZNZHNYFLJ6PX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3SEV2ZRR47GSD3M7O5PH4XEJMKJJNG2/
https://ubuntu.com/security/notices/USN-5280-1

Expand...

http://www.securityfocus.com/bid/103413
https://access.redhat.com/security/cve/CVE-2017-12194
https://bugzilla.redhat.com/show_bug.cgi?id=1501200
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12194
https://security.gentoo.org/glsa/201811-20
https://ubuntu.com/security/notices/USN-3659-1
https://usn.ubuntu.com/3659-1/

Expand...

http://www.securityfocus.com/bid/105152
https://access.redhat.com/errata/RHSA-2018:2731
https://access.redhat.com/errata/RHSA-2018:2732
https://access.redhat.com/errata/RHSA-2018:3470
https://access.redhat.com/security/cve/CVE-2018-10873
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10873
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10873
https://gitlab.freedesktop.org/spice/spice-common/commit/bb15d4815ab586b4c4a20f4a565970a44824c42c
https://linux.oracle.com/cve/CVE-2018-10873.html
https://linux.oracle.com/errata/ELSA-2018-2732.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00035.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00037.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00038.html
https://ubuntu.com/security/notices/USN-3751-1
https://usn.ubuntu.com/3751-1/
https://www.debian.org/security/2018/dsa-4319

Expand...

https://access.redhat.com/errata/RHSA-2019:2229
https://access.redhat.com/errata/RHSA-2020:0471
https://access.redhat.com/security/cve/CVE-2018-10893
https://bugzilla.redhat.com/show_bug.cgi?id=1598234
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10893
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10893
https://linux.oracle.com/cve/CVE-2018-10893.html
https://linux.oracle.com/errata/ELSA-2020-0471.html
https://lists.freedesktop.org/archives/spice-devel/2018-July/044489.html

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html
https://access.redhat.com/security/cve/CVE-2020-14355
https://bugzilla.redhat.com/show_bug.cgi?id=1868435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14355
https://linux.oracle.com/cve/CVE-2020-14355.html
https://linux.oracle.com/errata/ELSA-2020-4187.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html
https://ubuntu.com/security/notices/USN-4572-1
https://ubuntu.com/security/notices/USN-4572-2
https://usn.ubuntu.com/4572-1/
https://usn.ubuntu.com/4572-2/
https://www.debian.org/security/2020/dsa-4771
https://www.openwall.com/lists/oss-security/2020/10/06/10

| | libspice-client-glib-2.0-8 | CVE-2016-3066 | LOW | 0.34-1.1build1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2016-3066
https://bugzilla.redhat.com/show_bug.cgi?id=1320263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3066

Expand...

Expand...

Expand...

Expand...

| | libspice-client-gtk-3.0-5 | CVE-2016-3066 | LOW | 0.34-1.1build1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2016-3066
https://bugzilla.redhat.com/show_bug.cgi?id=1320263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3066

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768

| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.22.0-1ubuntu0.4 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/

| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.22.0-1ubuntu0.4 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://nvd.nist.gov/vuln/detail/CVE-2021-36690
https://ubuntu.com/security/notices/USN-5403-1
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17

Expand...

Expand...

http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09

Expand...

https://access.redhat.com/security/cve/CVE-2022-1292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1292
https://security.netapp.com/advisory/ntap-20220602-0009/
https://ubuntu.com/security/notices/USN-5402-1
https://ubuntu.com/security/notices/USN-5402-2
https://www.debian.org/security/2022/dsa-5139
https://www.openssl.org/news/secadv/20220503.txt

Expand...

Expand...

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-0865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json
https://gitlab.com/libtiff/libtiff/-/commit/a1c933dabd0e1c54a412f3f84ae0aa58115c6067
https://gitlab.com/libtiff/libtiff/-/issues/385
https://gitlab.com/libtiff/libtiff/-/merge_requests/306
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0865
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

Expand...

https://access.redhat.com/security/cve/CVE-2022-0891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json
https://gitlab.com/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/libtiff/libtiff/-/issues/380
https://gitlab.com/libtiff/libtiff/-/issues/382
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0891
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

Expand...

https://access.redhat.com/security/cve/CVE-2022-1354
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
https://gitlab.com/libtiff/libtiff/-/issues/319

| | libtiff5 | CVE-2018-10126 | LOW | 4.0.9-5ubuntu0.4 | |

Expand...

http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://access.redhat.com/security/cve/CVE-2018-10126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libtiff5 | CVE-2020-19131 | LOW | 4.0.9-5ubuntu0.4 | |

Expand...

http://blog.topsec.com.cn/%E5%A4%A9%E8%9E%8D%E4%BF%A1%E5%85%B3%E4%BA%8Elibtiff%E4%B8%ADinvertimage%E5%87%BD%E6%95%B0%E5%A0%86%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E7%9A%84%E5%88%86%E6%9E%90/
http://bugzilla.maptools.org/show_bug.cgi?id=2831
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19131.json
https://access.redhat.com/security/cve/CVE-2020-19131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19131
https://errata.almalinux.org/8/ALSA-2022-1810.html
https://linux.oracle.com/cve/CVE-2020-19131.html
https://linux.oracle.com/errata/ELSA-2022-1810.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00004.html

| | libtiff5 | CVE-2020-19144 | LOW | 4.0.9-5ubuntu0.4 | |

Expand...

http://bugzilla.maptools.org/show_bug.cgi?id=2852
https://access.redhat.com/security/cve/CVE-2020-19144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19144
https://gitlab.com/libtiff/libtiff/-/issues/159
https://lists.debian.org/debian-lts-announce/2021/10/msg00004.html
https://security.netapp.com/advisory/ntap-20211004-0005/

Expand...

https://access.redhat.com/security/cve/CVE-2020-35522
https://bugzilla.redhat.com/show_bug.cgi?id=1932037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35522
https://gitlab.com/libtiff/libtiff/-/merge_requests/165
https://linux.oracle.com/cve/CVE-2020-35522.html
https://linux.oracle.com/errata/ELSA-2021-4241.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/
https://nvd.nist.gov/vuln/detail/CVE-2020-35522
https://security.gentoo.org/glsa/202104-06
https://security.netapp.com/advisory/ntap-20210521-0009/
https://ubuntu.com/security/notices/USN-5421-1

Expand...

https://access.redhat.com/security/cve/CVE-2022-0561
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0561
https://security.netapp.com/advisory/ntap-20220318-0001/
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

Expand...

https://access.redhat.com/security/cve/CVE-2022-0562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562
https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0562
https://security.netapp.com/advisory/ntap-20220318-0001/
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

| | libtiff5 | CVE-2022-22844 | LOW | 4.0.9-5ubuntu0.4 | |

Expand...

https://access.redhat.com/security/cve/CVE-2022-22844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844
https://gitlab.com/libtiff/libtiff/-/issues/355
https://gitlab.com/libtiff/libtiff/-/merge_requests/287
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22844
https://security.netapp.com/advisory/ntap-20220311-0002/
https://www.debian.org/security/2022/dsa-5108

| | libtinfo5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

| | libtinfo5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://access.redhat.com/security/cve/CVE-2019-17595
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://errata.almalinux.org/8/ALSA-2021-4426.html
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | libvorbis0a | CVE-2017-14160 | LOW | 1.3.5-4.2 | |

Expand...

http://openwall.com/lists/oss-security/2017/09/21/2
http://www.openwall.com/lists/oss-security/2017/09/21/2
http://www.openwall.com/lists/oss-security/2017/09/21/3
http://www.securityfocus.com/bid/101045
https://access.redhat.com/security/cve/CVE-2017-14160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14160
https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html
https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html
https://security.gentoo.org/glsa/202003-36
https://ubuntu.com/security/notices/USN-5420-1

| | libvorbis0a | CVE-2018-10392 | LOW | 1.3.5-4.2 | |

Expand...

https://access.redhat.com/errata/RHSA-2019:3703
https://access.redhat.com/security/cve/CVE-2018-10392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10392
https://gitlab.xiph.org/xiph/vorbis/issues/2335
https://linux.oracle.com/cve/CVE-2018-10392.html
https://linux.oracle.com/errata/ELSA-2019-3703.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html
https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2018-10392
https://security.gentoo.org/glsa/202003-36
https://ubuntu.com/security/notices/USN-5420-1

| | libvorbis0a | CVE-2018-10393 | LOW | 1.3.5-4.2 | |

Expand...

https://access.redhat.com/errata/RHSA-2019:3703
https://access.redhat.com/security/cve/CVE-2018-10393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10393
https://gitlab.xiph.org/xiph/vorbis/issues/2334
https://linux.oracle.com/cve/CVE-2018-10393.html
https://linux.oracle.com/errata/ELSA-2019-3703.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html
https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2018-10393
https://security.gentoo.org/glsa/202003-36
https://ubuntu.com/security/notices/USN-5420-1

| | libvorbisenc2 | CVE-2017-14160 | LOW | 1.3.5-4.2 | |

Expand...

| | libvorbisenc2 | CVE-2018-10392 | LOW | 1.3.5-4.2 | |

Expand...

| | libvorbisenc2 | CVE-2018-10393 | LOW | 1.3.5-4.2 | |

Expand...

| | libwind0-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Expand...

| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Expand...

Expand...

Expand...

Expand...

http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/34
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/36
http://seclists.org/fulldisclosure/2022/May/37
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/security/cve/CVE-2022-23308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
https://linux.oracle.com/cve/CVE-2022-23308.html
https://linux.oracle.com/errata/ELSA-2022-0899.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
https://nvd.nist.gov/vuln/detail/CVE-2022-23308
https://security.netapp.com/advisory/ntap-20220331-0008/
https://support.apple.com/kb/HT213253
https://support.apple.com/kb/HT213254
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://support.apple.com/kb/HT213258
https://ubuntu.com/security/notices/USN-5324-1
https://ubuntu.com/security/notices/USN-5422-1

Expand...

http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html
https://access.redhat.com/security/cve/CVE-2022-29824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
https://gitlab.gnome.org/GNOME/libxslt/-/tags
https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
https://nvd.nist.gov/vuln/detail/CVE-2022-29824
https://ubuntu.com/security/notices/USN-5422-1
https://www.debian.org/security/2022/dsa-5142

Expand...

| | locales | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Expand...

| | locales | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Expand...

Expand...

| | locales | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Expand...

| | locales | CVE-2016-20013 | LOW | 2.27-3ubuntu1.4 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | login | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |

Expand...

https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235

Expand...

https://access.redhat.com/security/cve/CVE-2018-7169
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
https://ubuntu.com/security/notices/USN-5254-1

Expand...

| | multiarch-support | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Expand...

| | multiarch-support | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Expand...

Expand...

| | multiarch-support | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Expand...

| | multiarch-support | CVE-2016-20013 | LOW | 2.27-3ubuntu1.4 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | ncurses-base | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

| | ncurses-base | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://access.redhat.com/security/cve/CVE-2019-17595
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://errata.almalinux.org/8/ALSA-2021-4426.html
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | ncurses-bin | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

| | ncurses-bin | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://access.redhat.com/security/cve/CVE-2019-17595
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://errata.almalinux.org/8/ALSA-2021-4426.html
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

Expand...

http://www.securityfocus.com/bid/105127
https://access.redhat.com/errata/RHSA-2018:2552
https://access.redhat.com/errata/RHSA-2018:2553
https://access.redhat.com/errata/RHSA-2018:2944
https://access.redhat.com/errata/RHSA-2018:2949
https://access.redhat.com/errata/RHSA-2018:3537
https://access.redhat.com/security/cve/CVE-2018-12115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12115
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
https://security.gentoo.org/glsa/202003-48

Expand...

https://access.redhat.com/errata/RHSA-2019:1821
https://access.redhat.com/security/cve/CVE-2018-12116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2018-12116
https://security.gentoo.org/glsa/202003-48

Expand...

http://www.securityfocus.com/bid/106043
https://access.redhat.com/errata/RHSA-2019:1821
https://access.redhat.com/errata/RHSA-2019:2258
https://access.redhat.com/errata/RHSA-2019:3497
https://access.redhat.com/security/cve/CVE-2018-12121
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-12121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121
https://linux.oracle.com/cve/CVE-2018-12121.html
https://linux.oracle.com/errata/ELSA-2019-3497.html
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2018-12121
https://security.gentoo.org/glsa/202003-48

Expand...

http://www.securityfocus.com/bid/106043
https://access.redhat.com/errata/RHSA-2019:1821
https://access.redhat.com/security/cve/CVE-2018-12122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2018-12122
https://security.gentoo.org/glsa/202003-48

Expand...

https://access.redhat.com/security/cve/CVE-2018-7160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7160
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
https://support.f5.com/csp/article/K63025104?utm_source=f5support&utm_medium=RSS

Expand...

http://www.securityfocus.com/bid/106363
https://access.redhat.com/security/cve/CVE-2018-7167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7167
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#calls-to-buffer-fill-and-or-buffer-alloc-may-hang-cve-2018-7167
https://nvd.nist.gov/vuln/detail/CVE-2018-7167
https://security.gentoo.org/glsa/202003-48

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00059.html
https://access.redhat.com/errata/RHSA-2019:1821
https://access.redhat.com/security/cve/CVE-2019-5737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5737
https://errata.almalinux.org/8/ALSA-2019-2925.html
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
https://nodejs.org/ja/blog/vulnerability/february-2019-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2019-5737
https://security.gentoo.org/glsa/202003-48
https://security.netapp.com/advisory/ntap-20190502-0008/

| | nodejs | CVE-2018-12123 | LOW | 14.18.1-1nodesource1 | |

Expand...

https://access.redhat.com/errata/RHSA-2019:1821
https://access.redhat.com/security/cve/CVE-2018-12123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12123
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2018-12123
https://security.gentoo.org/glsa/202003-48

| | nodejs | CVE-2018-7159 | LOW | 14.18.1-1nodesource1 | |

Expand...

https://access.redhat.com/errata/RHSA-2019:2258
https://access.redhat.com/security/cve/CVE-2018-7159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7159
https://linux.oracle.com/cve/CVE-2018-7159.html
https://linux.oracle.com/errata/ELSA-2019-2258.html
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
https://support.f5.com/csp/article/K27228191?utm_source=f5support&utm_medium=RSS

| | openssh-client | CVE-2020-14145 | LOW | 1:7.6p1-4ubuntu0.5 | |

Expand...

http://www.openwall.com/lists/oss-security/2020/12/02/1
https://access.redhat.com/security/cve/CVE-2020-14145
https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145
https://docs.ssh-mitm.at/CVE-2020-14145.html
https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
https://linux.oracle.com/cve/CVE-2020-14145.html
https://linux.oracle.com/errata/ELSA-2021-4368.html
https://nvd.nist.gov/vuln/detail/CVE-2020-14145
https://security.gentoo.org/glsa/202105-35
https://security.netapp.com/advisory/ntap-20200709-0004/
https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf

| | openssh-client | CVE-2021-41617 | LOW | 1:7.6p1-4ubuntu0.5 | |

Expand...

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json
https://access.redhat.com/security/cve/CVE-2021-41617
https://bugzilla.suse.com/show_bug.cgi?id=1190975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
https://errata.almalinux.org/8/ALSA-2022-2013.html
https://linux.oracle.com/cve/CVE-2021-41617.html
https://linux.oracle.com/errata/ELSA-2022-2013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
https://nvd.nist.gov/vuln/detail/CVE-2021-41617
https://security.netapp.com/advisory/ntap-20211014-0004/
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.8
https://www.openwall.com/lists/oss-security/2021/09/26/1
https://www.oracle.com/security-alerts/cpuapr2022.html

Expand...

Expand...

| | passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |

Expand...

Expand...

Expand...

http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan

Expand...

Expand...

| | python2.7 | CVE-2015-20107 | LOW | 2.7.17-1~18.04ubuntu1.6 | |

Expand...

Expand...

Expand...

| | python2.7-minimal | CVE-2015-20107 | LOW | 2.7.17-1~18.04ubuntu1.6 | |

Expand...

Expand...

Expand...

Expand...

Expand...

| | python3.6 | CVE-2015-20107 | LOW | 3.6.9-1~18.04ubuntu1.4 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | python3.6-minimal | CVE-2015-20107 | LOW | 3.6.9-1~18.04ubuntu1.4 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | spice-client-glib-usb-acl-helper | CVE-2016-3066 | LOW | 0.34-1.1build1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2016-3066
https://bugzilla.redhat.com/show_bug.cgi?id=1320263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3066

| | tar | CVE-2021-20193 | LOW | 1.29b-2ubuntu0.2 | 1.29b-2ubuntu0.3 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-20193
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
https://ubuntu.com/security/notices/USN-5329-1

| | x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | |

Expand...

http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093

| | xorgxrdp | CVE-2020-4044 | MEDIUM | 0.9.5-2 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00037.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4044
https://github.com/neutrinolabs/xrdp/commit/0c791d073d0eb344ee7aaafd221513dc9226762c
https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.13.1
https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4
https://lists.debian.org/debian-lts-announce/2020/08/msg00015.html
https://www.debian.org/security/2020/dsa-4737

| | xrdp | CVE-2020-4044 | MEDIUM | 0.9.5-2 | |

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2021-4008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008
https://errata.almalinux.org/8/ALSA-2022-1917.html
https://linux.oracle.com/cve/CVE-2021-4008.html
https://linux.oracle.com/errata/ELSA-2022-1917.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKLSZCY47QK4RCJFXITYFALCGPJAFXOK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXTRPFEQLFZ6NT2LPLZEID664RGC3OCC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDHYZM6FII35JA7J275MFCJO6ADJUPQX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57DCF726O5LLTST4NBL5PQ7DLPB46HT/
https://lists.x.org/archives/xorg-announce/2021-December/003122.html
https://lists.x.org/archives/xorg-announce/2021-December/003124.html
https://security.netapp.com/advisory/ntap-20220114-0004/
https://ubuntu.com/security/notices/USN-5193-1
https://ubuntu.com/security/notices/USN-5193-2
https://www.debian.org/security/2021/dsa-5027
https://www.openwall.com/lists/oss-security/2021/12/14/1
https://www.zerodayinitiative.com/advisories/ZDI-21-1547/

Expand...

https://access.redhat.com/security/cve/CVE-2021-4009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009
https://errata.almalinux.org/8/ALSA-2022-1917.html
https://linux.oracle.com/cve/CVE-2021-4009.html
https://linux.oracle.com/errata/ELSA-2022-1917.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKLSZCY47QK4RCJFXITYFALCGPJAFXOK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXTRPFEQLFZ6NT2LPLZEID664RGC3OCC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDHYZM6FII35JA7J275MFCJO6ADJUPQX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57DCF726O5LLTST4NBL5PQ7DLPB46HT/
https://lists.x.org/archives/xorg-announce/2021-December/003122.html
https://lists.x.org/archives/xorg-announce/2021-December/003124.html
https://security.netapp.com/advisory/ntap-20220114-0004/
https://ubuntu.com/security/notices/USN-5193-1
https://ubuntu.com/security/notices/USN-5193-2
https://www.debian.org/security/2021/dsa-5027
https://www.openwall.com/lists/oss-security/2021/12/14/1
https://www.zerodayinitiative.com/advisories/ZDI-21-1548/

Expand...

https://access.redhat.com/security/cve/CVE-2021-4011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
https://errata.almalinux.org/8/ALSA-2022-1917.html
https://linux.oracle.com/cve/CVE-2021-4011.html
https://linux.oracle.com/errata/ELSA-2022-1917.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKLSZCY47QK4RCJFXITYFALCGPJAFXOK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXTRPFEQLFZ6NT2LPLZEID664RGC3OCC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDHYZM6FII35JA7J275MFCJO6ADJUPQX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57DCF726O5LLTST4NBL5PQ7DLPB46HT/
https://lists.x.org/archives/xorg-announce/2021-December/003122.html
https://lists.x.org/archives/xorg-announce/2021-December/003124.html
https://security.netapp.com/advisory/ntap-20220114-0004/
https://ubuntu.com/security/notices/USN-5193-1
https://ubuntu.com/security/notices/USN-5193-2
https://www.debian.org/security/2021/dsa-5027
https://www.openwall.com/lists/oss-security/2021/12/14/1
https://www.zerodayinitiative.com/advisories/ZDI-21-1550/

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu7.1 | |

Expand...

Expand...

| **node-pkg** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2018-3750
https://errata.almalinux.org/8/ALSA-2021-0549.html
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612

| | deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 |

Expand...

https://hackerone.com/reports/311333

| | ejs | CVE-2022-29078 | CRITICAL | 3.1.6 | 3.1.7 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-29078
https://eslam.io/posts/ejs-server-side-template-injection-rce/
https://github.com/advisories/GHSA-phwq-j96m-2c2q
https://github.com/mde/ejs/commit/15ee698583c98dadc456639d6245580d17a24baf
https://github.com/mde/ejs/releases
https://nvd.nist.gov/vuln/detail/CVE-2022-29078

| | engine.io | CVE-2022-21676 | HIGH | 4.1.1 | 6.1.1, 5.2.1, 4.1.2 |

Expand...

https://github.com/advisories/GHSA-273r-mgr4-v34f
https://github.com/socketio/engine.io/commit/66f889fc1d966bf5bfa0de1939069153643874ab
https://github.com/socketio/engine.io/commit/a70800d7e96da32f6e6622804ef659ebc58659db
https://github.com/socketio/engine.io/commit/c0e194d44933bd83bf9a4b126fca68ba7bf5098c
https://github.com/socketio/engine.io/releases/tag/4.1.2
https://github.com/socketio/engine.io/releases/tag/5.2.1
https://github.com/socketio/engine.io/releases/tag/6.1.1
https://github.com/socketio/engine.io/security/advisories/GHSA-273r-mgr4-v34f
https://nvd.nist.gov/vuln/detail/CVE-2022-21676

| | engine.io | CVE-2022-21676 | HIGH | 6.1.0 | 6.1.1, 5.2.1, 4.1.2 |

Expand...

| | markdown-it | CVE-2022-21670 | MEDIUM | 12.2.0 | 12.3.2 |

Expand...

https://github.com/advisories/GHSA-6vfc-qv3f-vr6c
https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101
https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c
https://nvd.nist.gov/vuln/detail/CVE-2022-21670

| | minimist | CVE-2021-44906 | CRITICAL | 1.2.5 | 1.2.6 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-44906
https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
https://github.com/advisories/GHSA-xvch-5gv4-984h
https://github.com/substack/minimist/blob/master/index.js#L69
https://github.com/substack/minimist/issues/164
https://nvd.nist.gov/vuln/detail/CVE-2021-44906
https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068

| | moment | CVE-2022-24785 | HIGH | 2.29.1 | 2.29.2 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-24785
https://github.com/advisories/GHSA-8hfj-j24r-96c4
https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5
https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
https://nvd.nist.gov/vuln/detail/CVE-2022-24785
https://security.netapp.com/advisory/ntap-20220513-0006/
https://www.tenable.com/security/tns-2022-09

| | node-fetch | CVE-2022-0235 | HIGH | 2.6.6 | 2.6.7, 3.1.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-0235
https://github.com/advisories/GHSA-r683-j2x4-v87g
https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10
https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60
https://github.com/node-fetch/node-fetch/pull/1453
https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7
https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/
https://nvd.nist.gov/vuln/detail/CVE-2022-0235

| | simple-get | CVE-2022-0355 | HIGH | 3.1.0 | 2.8.2, 3.1.1, 4.0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-0355
https://github.com/advisories/GHSA-wpg7-2c88-r8xv
https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f
https://github.com/feross/simple-get/pull/75#issuecomment-1027755026
https://github.com/feross/simple-get/pull/76#issuecomment-1027754710
https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31
https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31/
https://nvd.nist.gov/vuln/detail/CVE-2022-0355

| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | github.com/containerd/containerd | CVE-2021-43816 | CRITICAL | v1.5.4 | 1.5.9 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-43816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43816
https://github.com/containerd/containerd/commit/a731039238c62be081eb8c31525b988415745eea
https://github.com/containerd/containerd/issues/6194
https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c
https://github.com/dweomer/containerd/commit/f7f08f0e34fb97392b0d382e58916d6865100299
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD5GH7NMK5VJMA2Y5CYB5O5GTPYMWMLX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPDIZMI7ZPERSZE2XO265UCK5IWM7CID/
https://nvd.nist.gov/vuln/detail/CVE-2021-43816

| | github.com/containerd/containerd | CVE-2021-41103 | HIGH | v1.5.4 | v1.4.11, v1.5.7 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-41103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103
https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41103
https://ubuntu.com/security/notices/USN-5100-1
https://www.debian.org/security/2021/dsa-5002

| | github.com/containerd/containerd | CVE-2022-23648 | HIGH | v1.5.4 | 1.4.13, 1.5.10, 1.6.1 |

Expand...