--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: mysql-workbench/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |

Expand...

A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.allowPrivilegeEscalation' to false

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001

| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |

Expand...

The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-mysql-workbench' of Deployment 'RELEASE-NAME-mysql-workbench' should add 'ALL' to 'securityContext.capabilities.drop'

Expand...

https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003

| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |

Expand...

The container should drop all default capabilities and add only those that are needed for its execution.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should add 'ALL' to 'securityContext.capabilities.drop'

Expand...

https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003

| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |

Expand...

Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'resources.limits.cpu'

Expand...

https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-mysql-workbench' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-mysql-workbench' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

Container 'autopermissions' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |

Expand...

When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'resources.requests.cpu'

Expand...

https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015

| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |

Expand...

When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'resources.requests.memory'

Expand...

https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016

Expand...

Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.privileged' to false

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017

| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |

Expand...

Enforcing memory limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'resources.limits.memory'

Expand...

https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-mysql-workbench' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-mysql-workbench' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-mysql-workbench' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

HostPath volumes must be forbidden.

Deployment 'RELEASE-NAME-mysql-workbench' should not set 'spec.template.volumes.hostPath'

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023

| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |

Expand...

Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-mysql-workbench' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029

| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/mysql-workbench:v8.0.29 ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391

| | curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1

| | curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1

| | curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1

| | curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |

Expand...

https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1

| | libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |

Expand...

| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |

Expand...

http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-2201.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3

| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |

Expand...

| | curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |

Expand...

| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |

Expand...

| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |

Expand...

| #### Container: tccr.io/truecharts/mysql-workbench:v8.0.29 (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | 5.0-6ubuntu1.2 |

Expand...

http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://access.redhat.com/security/cve/CVE-2019-18276
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-18276
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://ubuntu.com/security/notices/USN-5380-1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.youtube.com/watch?v=-wGtxJ8opa8

| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |

Expand...

http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://access.redhat.com/security/cve/CVE-2016-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2781

| | cpp | CVE-2020-13844 | MEDIUM | 1.185.1ubuntu2 | |

Expand...

http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8

| | cpp-9 | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304

Expand...

| | gnome-keyring | CVE-2018-19358 | LOW | 3.36.0-1ubuntu1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2018-19358
https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1780365
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19358
https://github.com/sungjungk/keyring_crack
https://wiki.gnome.org/Projects/GnomeKeyring/SecurityFAQ
https://www.youtube.com/watch?v=Do4E9ZQaPck

| | gnome-keyring-pkcs11 | CVE-2018-19358 | LOW | 3.36.0-1ubuntu1 | |

Expand...

| | groff-base | CVE-2009-5080 | LOW | 1.22.4-4build1 | |

Expand...

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1;r2=1.2;f=h
http://openwall.com/lists/oss-security/2009/08/14/4
http://openwall.com/lists/oss-security/2009/08/14/5
http://www.mandriva.com/security/advisories?name=MDVSA-2013:085
http://www.mandriva.com/security/advisories?name=MDVSA-2013:086
https://access.redhat.com/security/cve/CVE-2009-5080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5080

Expand...

https://access.redhat.com/security/cve/CVE-2022-1271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
https://errata.almalinux.org/8/ALSA-2022-1537.html
https://linux.oracle.com/cve/CVE-2022-1271.html
https://linux.oracle.com/errata/ELSA-2022-2191.html
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
https://ubuntu.com/security/notices/USN-5378-1
https://ubuntu.com/security/notices/USN-5378-2
https://ubuntu.com/security/notices/USN-5378-3
https://ubuntu.com/security/notices/USN-5378-4
https://www.openwall.com/lists/oss-security/2022/04/07/8

Expand...

https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html

Expand...

https://access.redhat.com/security/cve/CVE-2021-37750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-37750.html
https://linux.oracle.com/errata/ELSA-2021-4788.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
https://security.netapp.com/advisory/ntap-20210923-0002/
https://web.mit.edu/kerberos/advisories/

Expand...

https://bugs.launchpad.net/apparmor/+bug/1597017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2016-1585

| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1

| | libcairo-gobject2 | CVE-2017-7475 | LOW | 1.16.0-4ubuntu1 | |

Expand...

http://seclists.org/oss-sec/2017/q2/151
https://access.redhat.com/security/cve/CVE-2017-7475
https://bugs.freedesktop.org/show_bug.cgi?id=100763
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
https://github.com/advisories/GHSA-5v3f-73gv-x7x5
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2017-7475

| | libcairo-gobject2 | CVE-2018-18064 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2018-18064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064
https://gitlab.freedesktop.org/cairo/cairo/issues/341
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo-gobject2 | CVE-2019-6461 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2019-6461
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/352
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-6461

| | libcairo2 | CVE-2017-7475 | LOW | 1.16.0-4ubuntu1 | |

Expand...

| | libcairo2 | CVE-2018-18064 | LOW | 1.16.0-4ubuntu1 | |

Expand...

| | libcairo2 | CVE-2019-6461 | LOW | 1.16.0-4ubuntu1 | |

Expand...

Expand...

| | libcups2 | CVE-2019-8842 | LOW | 2.3.1-9ubuntu1.1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT210788

| | libcups2 | CVE-2020-10001 | LOW | 2.3.1-9ubuntu1.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2020-10001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001
https://linux.oracle.com/cve/CVE-2020-10001.html
https://linux.oracle.com/errata/ELSA-2021-4393.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html
https://support.apple.com/en-us/HT212011

Expand...

| | libflac8 | CVE-2020-0499 | LOW | 1.3.3-1build1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2020-0499
https://android.googlesource.com/platform/external/flac/+/029048f823ced50f63a92e25073427ec3a9bd909%5E%21/#F0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/01/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33W6XZAAEJYRGU3XYHRO7XSYEA7YACUB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNZYTAU5UWBVXVJ4VHDWPR66ZVDLQZRE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPA5GAEKPXKAHGHHBI4X7AFNI4BMOVG3/
https://source.android.com/security/bulletin/pixel/2020-12-01

Expand...

| | libfreetype6 | CVE-2022-27405 | LOW | 2.10.1-2ubuntu0.1 | |

Expand...

| | libfreetype6 | CVE-2022-27406 | LOW | 2.10.1-2ubuntu0.1 | |

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2021-44648
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/
https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/

Expand...

| | libgif7 | CVE-2020-23922 | LOW | 5.1.9-1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2020-23922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23922
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://sourceforge.net/p/giflib/bugs/151/

| | libgif7 | CVE-2022-28506 | LOW | 5.1.9-1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2022-28506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28506
https://github.com/verf1sh/Poc/blob/master/asan_report_giflib.png
https://github.com/verf1sh/Poc/blob/master/giflib_poc
https://nvd.nist.gov/vuln/detail/CVE-2022-28506
https://sourceforge.net/p/giflib/bugs/159/

| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |

Expand...

https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618

Expand...

Expand...

| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1build1 | |

Expand...

http://bugzilla.maptools.org/show_bug.cgi?id=2707
http://www.securityfocus.com/bid/99304
https://access.redhat.com/security/cve/CVE-2017-9937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2020-17541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17541

Expand...

Expand...

| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-29155
https://bugs.openldap.org/show_bug.cgi?id=9815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155
https://nvd.nist.gov/vuln/detail/CVE-2022-29155
https://ubuntu.com/security/notices/USN-5424-1
https://ubuntu.com/security/notices/USN-5424-2
https://www.debian.org/security/2022/dsa-5140

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46322
https://github.com/svaarala/duktape/issues/2448

| | libpam-gnome-keyring | CVE-2018-19358 | LOW | 3.36.0-1ubuntu1 | |

Expand...

| | libpcre2-8-0 | CVE-2022-1586 | LOW | 10.34-7 | |

Expand...

https://access.redhat.com/security/cve/CVE-2022-1586
https://bugzilla.redhat.com/show_bug.cgi?id=2077976,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,
https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/

| | libpcre2-8-0 | CVE-2022-1587 | LOW | 10.34-7 | |

Expand...

https://access.redhat.com/security/cve/CVE-2022-1587
https://bugzilla.redhat.com/show_bug.cgi?id=2077983,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587
https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/

| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Expand...

http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://access.redhat.com/security/cve/CVE-2017-11164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2019-20838
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://errata.almalinux.org/8/ALSA-2021-4373.html
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-20838
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://ubuntu.com/security/notices/USN-5425-1
https://www.pcre.org/original/changelog.txt

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://access.redhat.com/security/cve/CVE-2020-14155
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://errata.almalinux.org/8/ALSA-2021-4373.html
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-14155
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://ubuntu.com/security/notices/USN-5425-1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.pcre.org/original/changelog.txt

| | libpcrecpp0v5 | CVE-2017-11164 | LOW | 2:8.39-12ubuntu0.1 | |

Expand...

| | libpolkit-agent-1-0 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.3 | |

Expand...

http://seclists.org/oss-sec/2016/q1/443
http://www.openwall.com/lists/oss-security/2016/02/26/3
https://access.redhat.com/security/cve/CVE-2016-2568
https://access.redhat.com/security/cve/cve-2016-2568
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062
https://bugzilla.redhat.com/show_bug.cgi?id=1300746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2568
https://ubuntu.com/security/CVE-2016-2568

| | libpolkit-gobject-1-0 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.3 | |

Expand...

| | libpython2.7-minimal | CVE-2015-20107 | LOW | 2.7.18-1~20.04.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2015-20107
https://bugs.python.org/issue24778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107
https://github.com/python/cpython/issues/68966
https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80
https://github.com/python/cpython/pull/91993
https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/
https://nvd.nist.gov/vuln/detail/CVE-2015-20107

| | libpython2.7-stdlib | CVE-2015-20107 | LOW | 2.7.18-1~20.04.1 | |

Expand...

| | libpython3.8 | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |

Expand...

| | libpython3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |

Expand...

| | libpython3.8-stdlib | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |

Expand...

| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36084
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1

| | libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36085
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1

| | libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1

| | libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | 3.0-1ubuntu0.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-36087
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
https://ubuntu.com/security/notices/USN-5391-1

| | libsndfile1 | CVE-2021-4156 | LOW | 1.0.28-7ubuntu0.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2021-4156
https://bugzilla.redhat.com/show_bug.cgi?id=2027690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4156
https://errata.almalinux.org/8/ALSA-2022-1968.html
https://github.com/libsndfile/libsndfile/issues/731
https://github.com/libsndfile/libsndfile/pull/732/commits/4c30646abf7834e406f7e2429c70bc254e18beab
https://linux.oracle.com/cve/CVE-2021-4156.html
https://linux.oracle.com/errata/ELSA-2022-1968.html
https://ubuntu.com/security/notices/USN-5409-1

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768

| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.3 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/

| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.3 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-0865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json
https://gitlab.com/libtiff/libtiff/-/commit/a1c933dabd0e1c54a412f3f84ae0aa58115c6067
https://gitlab.com/libtiff/libtiff/-/issues/385
https://gitlab.com/libtiff/libtiff/-/merge_requests/306
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0865
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

Expand...

https://access.redhat.com/security/cve/CVE-2022-0891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json
https://gitlab.com/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/libtiff/libtiff/-/issues/380
https://gitlab.com/libtiff/libtiff/-/issues/382
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0891
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

Expand...

https://access.redhat.com/security/cve/CVE-2022-1354
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
https://gitlab.com/libtiff/libtiff/-/issues/319

| | libtiff5 | CVE-2018-10126 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |

Expand...

http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://access.redhat.com/security/cve/CVE-2018-10126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Expand...

https://access.redhat.com/security/cve/CVE-2020-35522
https://bugzilla.redhat.com/show_bug.cgi?id=1932037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35522
https://gitlab.com/libtiff/libtiff/-/merge_requests/165
https://linux.oracle.com/cve/CVE-2020-35522.html
https://linux.oracle.com/errata/ELSA-2021-4241.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/
https://nvd.nist.gov/vuln/detail/CVE-2020-35522
https://security.gentoo.org/glsa/202104-06
https://security.netapp.com/advisory/ntap-20210521-0009/
https://ubuntu.com/security/notices/USN-5421-1

Expand...

https://access.redhat.com/security/cve/CVE-2022-0561
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0561
https://security.netapp.com/advisory/ntap-20220318-0001/
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

Expand...

https://access.redhat.com/security/cve/CVE-2022-0562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562
https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0562
https://security.netapp.com/advisory/ntap-20220318-0001/
https://ubuntu.com/security/notices/USN-5421-1
https://www.debian.org/security/2022/dsa-5108

| | libtiff5 | CVE-2022-22844 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |

Expand...

https://access.redhat.com/security/cve/CVE-2022-22844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844
https://gitlab.com/libtiff/libtiff/-/issues/355
https://gitlab.com/libtiff/libtiff/-/merge_requests/287
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22844
https://security.netapp.com/advisory/ntap-20220311-0002/
https://www.debian.org/security/2022/dsa-5108

| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-29824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
https://gitlab.gnome.org/GNOME/libxslt/-/tags
https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
https://nvd.nist.gov/vuln/detail/CVE-2022-29824
https://ubuntu.com/security/notices/USN-5422-1
https://www.debian.org/security/2022/dsa-5142

| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235

Expand...

| | openssh-client | CVE-2020-14145 | LOW | 1:8.2p1-4ubuntu0.5 | |

Expand...

http://www.openwall.com/lists/oss-security/2020/12/02/1
https://access.redhat.com/security/cve/CVE-2020-14145
https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145
https://docs.ssh-mitm.at/CVE-2020-14145.html
https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
https://linux.oracle.com/cve/CVE-2020-14145.html
https://linux.oracle.com/errata/ELSA-2021-4368.html
https://nvd.nist.gov/vuln/detail/CVE-2020-14145
https://security.gentoo.org/glsa/202105-35
https://security.netapp.com/advisory/ntap-20200709-0004/
https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf

| | openssh-client | CVE-2021-41617 | LOW | 1:8.2p1-4ubuntu0.5 | |

Expand...

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json
https://access.redhat.com/security/cve/CVE-2021-41617
https://bugzilla.suse.com/show_bug.cgi?id=1190975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
https://errata.almalinux.org/8/ALSA-2022-2013.html
https://linux.oracle.com/cve/CVE-2021-41617.html
https://linux.oracle.com/errata/ELSA-2022-2013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
https://nvd.nist.gov/vuln/detail/CVE-2021-41617
https://security.netapp.com/advisory/ntap-20211014-0004/
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.8
https://www.openwall.com/lists/oss-security/2021/09/26/1
https://www.oracle.com/security-alerts/cpuapr2022.html

| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Expand...

Expand...

http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan

| | policykit-1 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.3 | |

Expand...

| | python2.7 | CVE-2015-20107 | LOW | 2.7.18-1~20.04.1 | |

Expand...

| | python2.7-minimal | CVE-2015-20107 | LOW | 2.7.18-1~20.04.1 | |

Expand...

| | python3-urllib3 | CVE-2021-33503 | LOW | 1.25.8-2ubuntu0.1 | |

Expand...

https://access.redhat.com/security/cve/CVE-2021-33503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://errata.almalinux.org/8/ALSA-2021-4162.html
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://linux.oracle.com/cve/CVE-2021-33503.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html

| | python3.8 | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |

Expand...

| | python3.8-minimal | CVE-2015-20107 | LOW | 3.8.10-0ubuntu1~20.04.4 | |

Expand...

| | x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | |

Expand...

http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093

| | xrdp | CVE-2020-4044 | MEDIUM | 0.9.12-1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00037.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4044
https://github.com/neutrinolabs/xrdp/commit/0c791d073d0eb344ee7aaafd221513dc9226762c
https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.13.1
https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4
https://lists.debian.org/debian-lts-announce/2020/08/msg00015.html
https://www.debian.org/security/2020/dsa-4737

| | xutils | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | |

Expand...

| **node-pkg** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | deep-extend | CVE-2018-3750 | CRITICAL | 0.4.2 | 0.5.1 |

Expand...

https://access.redhat.com/security/cve/CVE-2018-3750
https://errata.almalinux.org/8/ALSA-2021-0549.html
https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612

| | deep-extend | NSWG-ECO-408 | LOW | 0.4.2 | >=0.5.1 |

Expand...

https://hackerone.com/reports/311333

| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | github.com/docker/cli | CVE-2021-41092 | HIGH | v20.10.3-0.20220226190722-8667ccd1124c+incompatible | v20.10.9 |

Expand...

https://access.redhat.com/security/cve/CVE-2021-41092
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41092
https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41092
https://ubuntu.com/security/notices/USN-5134-1

| | github.com/opencontainers/image-spec | GMS-2021-101 | UNKNOWN | v1.0.2-0.20211117181255-693428a734f5 | 1.0.2 |

Expand...

https://github.com/advisories/GHSA-77vh-xpmg-72qh
https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m
https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c
https://github.com/opencontainers/image-spec/releases/tag/v1.0.2
https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh

| | github.com/opencontainers/runc | CVE-2022-24769 | MEDIUM | v1.1.0 | v1.1.2 |

Expand...

Expand...