--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: unmanic/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-unmanic' of Deployment 'RELEASE-NAME-unmanic' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'resources.limits.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-unmanic' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-unmanic' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'autopermissions' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'resources.requests.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'resources.requests.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
| | Kubernetes Security Check | KSV017 | Privileged container | HIGH |
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.privileged' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |
Expand... Enforcing memory limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'resources.limits.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-unmanic' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-unmanic' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-unmanic' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM |
Expand... HostPath volumes must be forbidden.

Deployment 'RELEASE-NAME-unmanic' should not set 'spec.template.volumes.hostPath'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |
Expand... Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-unmanic' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/unmanic:v0.2.0@sha256:8803a54504f699d45197b51866e9bdbb1f7bd543e0183aa8c055bfb3dacef04f ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/unmanic:v0.2.0@sha256:8803a54504f699d45197b51866e9bdbb1f7bd543e0183aa8c055bfb3dacef04f (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | |
Expand...http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://access.redhat.com/security/cve/CVE-2019-18276
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-18276
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://access.redhat.com/security/cve/CVE-2016-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2781
| | krb5-locales | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | krb5-locales | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libass9 | CVE-2020-36430 | MEDIUM | 1:0.14.0-2 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26674
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36430
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libass/OSV-2020-2099.yaml
https://github.com/libass/libass/commit/017137471d0043e0321e377ed8da48e45a3ec632
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JUXFQUJ32GWG5E46A63DFDCYJAF3VU6/
| | libcairo2 | CVE-2017-7475 | LOW | 1.16.0-4ubuntu1 | |
Expand...http://seclists.org/oss-sec/2017/q2/151
https://access.redhat.com/security/cve/CVE-2017-7475
https://bugs.freedesktop.org/show_bug.cgi?id=100763
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
https://github.com/advisories/GHSA-5v3f-73gv-x7x5
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2017-7475
| | libcairo2 | CVE-2017-9814 | LOW | 1.16.0-4ubuntu1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00042.html
https://access.redhat.com/security/cve/CVE-2017-9814
https://bugs.freedesktop.org/show_bug.cgi?id=101547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9814
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/201904-01
| | libcairo2 | CVE-2018-18064 | LOW | 1.16.0-4ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-18064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064
https://gitlab.freedesktop.org/cairo/cairo/issues/341
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libcairo2 | CVE-2019-6461 | LOW | 1.16.0-4ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-6461
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/352
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-6461
| | libcairo2 | CVE-2019-6462 | LOW | 1.16.0-4ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-6462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/353
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-6462
| | libexpat1 | CVE-2022-25235 | HIGH | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25235
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
https://github.com/libexpat/libexpat/pull/562
https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)
https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)
https://linux.oracle.com/cve/CVE-2022-25235.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25235
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2022-25236 | HIGH | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25236
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
https://github.com/libexpat/libexpat/pull/561
https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)
https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)
https://github.com/libexpat/libexpat/pull/577
https://linux.oracle.com/cve/CVE-2022-25236.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25236
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2021-46143 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-46143
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://linux.oracle.com/cve/CVE-2021-46143.html
https://linux.oracle.com/errata/ELSA-2022-9227.html
https://nvd.nist.gov/vuln/detail/CVE-2021-46143
https://security.netapp.com/advisory/ntap-20220121-0006/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22822 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22822.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22822
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22823 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22823.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22823
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22824 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22824.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22824
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22825 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22825.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22825
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22826 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22826.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22826
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-22827 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22827.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22827
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-23852 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...https://access.redhat.com/security/cve/CVE-2022-23852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
https://linux.oracle.com/cve/CVE-2022-23852.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23852
https://security.netapp.com/advisory/ntap-20220217-0001/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-23990 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...https://access.redhat.com/security/cve/CVE-2022-23990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
https://linux.oracle.com/cve/CVE-2022-23990.html
https://linux.oracle.com/errata/ELSA-2022-9232.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://nvd.nist.gov/vuln/detail/CVE-2022-23990
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libexpat1 | CVE-2022-25313 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.4 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25313
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
https://github.com/libexpat/libexpat/pull/558
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25313
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2022-25314 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.4 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25314
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://github.com/libexpat/libexpat/pull/560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25314
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2022-25315 | MEDIUM | 2.2.9-1build1 | 2.2.9-1ubuntu0.4 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25315
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
https://github.com/libexpat/libexpat/pull/559
https://linux.oracle.com/cve/CVE-2022-25315.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25315
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
| | libexpat1 | CVE-2021-45960 | LOW | 2.2.9-1build1 | 2.2.9-1ubuntu0.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-45960
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://github.com/libexpat/libexpat/issues/531
https://github.com/libexpat/libexpat/pull/534
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
https://linux.oracle.com/cve/CVE-2021-45960.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2021-45960
https://security.netapp.com/advisory/ntap-20220121-0004/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618
| | libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-17541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17541
| | libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |
Expand...http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://access.redhat.com/security/cve/CVE-2017-11164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2019-20838
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-20838
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://access.redhat.com/security/cve/CVE-2020-14155
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-14155
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libpython3.8-minimal | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04.2 | 3.8.10-0ubuntu1~20.04.4 |
Expand...https://access.redhat.com/security/cve/CVE-2022-0391
https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://nvd.nist.gov/vuln/detail/CVE-2022-0391
https://security.netapp.com/advisory/ntap-20220225-0009/
https://ubuntu.com/security/notices/USN-5342-1
| | libpython3.8-stdlib | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04.2 | 3.8.10-0ubuntu1~20.04.4 |
Expand...https://access.redhat.com/security/cve/CVE-2022-0391
https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://nvd.nist.gov/vuln/detail/CVE-2022-0391
https://security.netapp.com/advisory/ntap-20220225-0009/
https://ubuntu.com/security/notices/USN-5342-1
| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36084
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36085
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36087
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
| | libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| | libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://nvd.nist.gov/vuln/detail/CVE-2021-36690
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1f-1ubuntu2.11 | 1.1.1f-1ubuntu2.12 |
Expand...https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9258.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libxml2 | CVE-2022-23308 | MEDIUM | 2.9.10+dfsg-5ubuntu0.20.04.1 | 2.9.10+dfsg-5ubuntu0.20.04.2 |
Expand...https://access.redhat.com/security/cve/CVE-2022-23308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
https://linux.oracle.com/cve/CVE-2022-23308.html
https://linux.oracle.com/errata/ELSA-2022-0899.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
https://nvd.nist.gov/vuln/detail/CVE-2022-23308
https://security.netapp.com/advisory/ntap-20220331-0008/
https://ubuntu.com/security/notices/USN-5324-1
| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | openssl | CVE-2022-0778 | HIGH | 1.1.1f-1ubuntu2.11 | 1.1.1f-1ubuntu2.12 |
Expand...https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9258.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | python-pip-whl | CVE-2021-33503 | LOW | 20.0.2-5ubuntu1.6 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-33503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://linux.oracle.com/cve/CVE-2021-33503.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python-pip-whl | CVE-2021-3572 | LOW | 20.0.2-5ubuntu1.6 | |
Expand...https://access.redhat.com/errata/RHSA-2021:3254
https://access.redhat.com/security/cve/CVE-2021-3572
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/issues/10042
https://github.com/pypa/pip/issues/10042#issuecomment-857452480
https://github.com/pypa/pip/pull/9827
https://github.com/skazi0/CVE-2021-3572/blob/master/CVE-2021-3572-v9.0.1.patch
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
| | python3-pip | CVE-2021-33503 | LOW | 20.0.2-5ubuntu1.6 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-33503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://linux.oracle.com/cve/CVE-2021-33503.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3-pip | CVE-2021-3572 | LOW | 20.0.2-5ubuntu1.6 | |
Expand...https://access.redhat.com/errata/RHSA-2021:3254
https://access.redhat.com/security/cve/CVE-2021-3572
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/issues/10042
https://github.com/pypa/pip/issues/10042#issuecomment-857452480
https://github.com/pypa/pip/pull/9827
https://github.com/skazi0/CVE-2021-3572/blob/master/CVE-2021-3572-v9.0.1.patch
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
| | python3.8 | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04.2 | 3.8.10-0ubuntu1~20.04.4 |
Expand...https://access.redhat.com/security/cve/CVE-2022-0391
https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://nvd.nist.gov/vuln/detail/CVE-2022-0391
https://security.netapp.com/advisory/ntap-20220225-0009/
https://ubuntu.com/security/notices/USN-5342-1
| | python3.8-minimal | CVE-2022-0391 | MEDIUM | 3.8.10-0ubuntu1~20.04.2 | 3.8.10-0ubuntu1~20.04.4 |
Expand...https://access.redhat.com/security/cve/CVE-2022-0391
https://bugs.python.org/issue43882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
https://nvd.nist.gov/vuln/detail/CVE-2022-0391
https://security.netapp.com/advisory/ntap-20220225-0009/
https://ubuntu.com/security/notices/USN-5342-1
| | sqlite3 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | sqlite3 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | sqlite3 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| | sqlite3 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://nvd.nist.gov/vuln/detail/CVE-2021-36690
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | tar | CVE-2021-20193 | LOW | 1.30+dfsg-7ubuntu0.20.04.1 | 1.30+dfsg-7ubuntu0.20.04.2 |
Expand...https://access.redhat.com/security/cve/CVE-2021-20193
https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
https://ubuntu.com/security/notices/USN-5329-1
| | unzip | CVE-2022-0529 | MEDIUM | 6.0-25ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0529
https://bugzilla.redhat.com/show_bug.cgi?id=2051395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529
https://github.com/ByteHackr/unzip_poc
https://nvd.nist.gov/vuln/detail/CVE-2022-0529
| | unzip | CVE-2021-4217 | LOW | 6.0-25ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4217
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4217
| | unzip | CVE-2022-0530 | LOW | 6.0-25ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0530
https://bugzilla.redhat.com/show_bug.cgi?id=2051395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530
https://github.com/ByteHackr/unzip_poc
https://nvd.nist.gov/vuln/detail/CVE-2022-0530
| | zlib1g | CVE-2018-25032 | MEDIUM | 1:1.2.11.dfsg-2ubuntu1.2 | 1:1.2.11.dfsg-2ubuntu1.3 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| **node-pkg** | No Vulnerabilities found | |:---------------------------------| **python-pkg** | No Vulnerabilities found | |:---------------------------------|