# Security Scan ## Helm-Chart ##### Scan Results 2021-12-04T19:24:11.523Z [34mINFO[0m Detected config files: 1 #### calibre-web/templates/common.yaml **kubernetes** | No Vulnerabilities found | |:---------------------------------| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c tccr.io/truecharts/calibre-web:version-0.6.12@sha256:3f54c0f7bec8c635f019d88039b986c5fa8951445daf5016b4cdb1118694c612 ##### Scan Results **Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c** 2021-12-04T19:24:12.326Z [34mINFO[0m Detected OS: alpine 2021-12-04T19:24:12.326Z [34mINFO[0m Detecting Alpine vulnerabilities... 2021-12-04T19:24:12.333Z [34mINFO[0m Number of language-specific files: 0 #### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Click to expand!

| | ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Click to expand!

| | ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Click to expand!

| **Container: tccr.io/truecharts/calibre-web:version-0.6.12@sha256:3f54c0f7bec8c635f019d88039b986c5fa8951445daf5016b4cdb1118694c612** 2021-12-04T19:24:32.635Z [34mINFO[0m Detected OS: ubuntu 2021-12-04T19:24:32.635Z [34mINFO[0m Detecting Ubuntu vulnerabilities... 2021-12-04T19:24:32.641Z [34mINFO[0m Number of language-specific files: 1 2021-12-04T19:24:32.641Z [34mINFO[0m Detecting python-pkg vulnerabilities... #### tccr.io/truecharts/calibre-web:version-0.6.12@sha256:3f54c0f7bec8c635f019d88039b986c5fa8951445daf5016b4cdb1118694c612 (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | |

Click to expand!

http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8

| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |

Click to expand!

http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/

| | dbus | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |

Click to expand!

https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1891605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1894226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39212
https://github.com/ImageMagick/ImageMagick/commit/01faddbe2711a4156180c4a92837e2f23683cc68
https://github.com/ImageMagick/ImageMagick/commit/35893e7cad78ce461fcaffa56076c11700ba5e4e
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr

| | imagemagick | CVE-2020-29599 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29599
https://github.com/ImageMagick/ImageMagick/discussions/2851
https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html
https://linux.oracle.com/cve/CVE-2020-29599.html
https://linux.oracle.com/errata/ELSA-2021-0024.html
https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html
https://security.gentoo.org/glsa/202101-36

| | imagemagick | CVE-2021-20241 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1928952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20241
https://github.com/ImageMagick/ImageMagick/pull/3177
https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html

| | imagemagick | CVE-2021-20243 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1928958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20243
https://github.com/ImageMagick/ImageMagick/pull/3193
https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html

| | imagemagick | CVE-2021-20244 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1928959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20244
https://github.com/ImageMagick/ImageMagick/pull/3194
https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html
https://ubuntu.com/security/notices/USN-5158-1

| | imagemagick | CVE-2021-20245 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1928943
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20245
https://github.com/ImageMagick/ImageMagick/issues/3176
https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html

| | imagemagick | CVE-2021-20246 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1928941
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20246
https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html
https://ubuntu.com/security/notices/USN-5158-1

| | imagemagick | CVE-2021-20309 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1946722
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20309
https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html
https://ubuntu.com/security/notices/USN-5158-1

| | imagemagick | CVE-2021-20312 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1946742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20312
https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html
https://ubuntu.com/security/notices/USN-5158-1

| | imagemagick | CVE-2021-20313 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1947019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20313
https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html
https://ubuntu.com/security/notices/USN-5158-1

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1891605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1894226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752

Click to expand!

| | imagemagick-6-common | CVE-2020-29599 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20241 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20243 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20244 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20245 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20246 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20309 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20312 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6-common | CVE-2021-20313 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1891605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1894226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752

Click to expand!

| | imagemagick-6.q16 | CVE-2020-29599 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20241 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20243 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20244 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20245 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20246 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20309 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20312 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | imagemagick-6.q16 | CVE-2021-20313 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html

| | krb5-locales | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Click to expand!

https://bugs.launchpad.net/apparmor/+bug/1597017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions

Click to expand!

https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8

| | libc-bin | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224

| | libc-bin | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc-bin | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224

| | libc-bin | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html

| | libc-bin | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019

| | libc-bin | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462

| | libc-bin | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html

| | libc-bin | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1

Click to expand!

Click to expand!

| | libc6 | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc6 | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc6 | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc6 | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc6 | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc6 | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc6 | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libc6 | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | libcairo2 | CVE-2017-7475 | LOW | 1.16.0-4ubuntu1 | |

Click to expand!

http://seclists.org/oss-sec/2017/q2/151
https://bugs.freedesktop.org/show_bug.cgi?id=100763
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
https://github.com/advisories/GHSA-5v3f-73gv-x7x5
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2017-7475

| | libcairo2 | CVE-2017-9814 | LOW | 1.16.0-4ubuntu1 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00042.html
https://bugs.freedesktop.org/show_bug.cgi?id=101547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9814
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/201904-01

| | libcairo2 | CVE-2018-18064 | LOW | 1.16.0-4ubuntu1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064
https://gitlab.freedesktop.org/cairo/cairo/issues/341
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo2 | CVE-2019-6461 | LOW | 1.16.0-4ubuntu1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/352
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo2 | CVE-2019-6462 | LOW | 1.16.0-4ubuntu1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/353
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcups2 | CVE-2019-8842 | LOW | 2.3.1-9ubuntu1.1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT210788

| | libcups2 | CVE-2020-10001 | LOW | 2.3.1-9ubuntu1.1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001
https://linux.oracle.com/cve/CVE-2020-10001.html
https://linux.oracle.com/errata/ELSA-2021-4393.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html
https://support.apple.com/en-us/HT212011

| | libdbus-1-3 | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |

Click to expand!

| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |

Click to expand!

https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html

Click to expand!

| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Click to expand!

| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

Click to expand!

https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
https://crbug.com/1194899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30535
https://github.com/unicode-org/icu/pull/1698
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/
https://ubuntu.com/security/notices/USN-5156-1

| | libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1build1 | |

Click to expand!

http://bugzilla.maptools.org/show_bug.cgi?id=2707
http://www.securityfocus.com/bid/99304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libjbig2dec0 | CVE-2017-9216 | LOW | 0.18-1ubuntu1 | |

Click to expand!

http://www.securityfocus.com/bid/98680
https://bugs.ghostscript.com/show_bug.cgi?id=697934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9216
https://lists.debian.org/debian-lts-announce/2021/10/msg00023.html

| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html

Click to expand!

| | libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Click to expand!

| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

Click to expand!

| | libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Click to expand!

Click to expand!

| | libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Click to expand!

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1891605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1894226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2020-29599 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20241 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20243 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20244 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20245 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20246 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20309 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20312 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6 | CVE-2021-20313 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1891605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1894226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2020-29599 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20241 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20243 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20244 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20245 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20246 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20309 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20312 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickcore-6.q16-6-extra | CVE-2021-20313 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1891605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1894226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2020-29599 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20241 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20243 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20244 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20245 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20246 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20309 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20312 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

| | libmagickwand-6.q16-6 | CVE-2021-20313 | LOW | 8:6.9.10.23+dfsg-2.1ubuntu11.4 | |

Click to expand!

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527
https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
https://linux.oracle.com/cve/CVE-2021-43527.html
https://linux.oracle.com/errata/ELSA-2021-4904.html
https://ubuntu.com/security/notices/USN-5168-1
https://ubuntu.com/security/notices/USN-5168-2
https://ubuntu.com/security/notices/USN-5168-3
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/

| | libnss3 | CVE-2020-25648 | LOW | 2:3.49.1-1ubuntu1.5 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1887319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
https://linux.oracle.com/cve/CVE-2020-25648.html
https://linux.oracle.com/errata/ELSA-2021-3572.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html

| | libopenexr24 | CVE-2021-20296 | LOW | 2.3.0-6ubuntu0.5 | |

Click to expand!

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
https://bugzilla.redhat.com/show_bug.cgi?id=1939141
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20296
https://lists.debian.org/debian-lts-announce/2021/07/msg00001.html
https://ubuntu.com/security/notices/USN-4996-1
https://ubuntu.com/security/notices/USN-4996-2
https://www.openexr.com/

| | libopenexr24 | CVE-2021-3598 | LOW | 2.3.0-6ubuntu0.5 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1970987
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3598
https://github.com/AcademySoftwareFoundation/openexr/pull/1037
https://ubuntu.com/security/notices/USN-4996-1
https://ubuntu.com/security/notices/USN-4996-2

| | libopenjp2-7 | CVE-2019-6988 | LOW | 2.3.1-1ubuntu4.20.04.1 | |

Click to expand!

http://www.securityfocus.com/bid/106785
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6988
https://github.com/uclouvain/openjpeg/issues/1178

| | libopenjp2-7 | CVE-2021-29338 | LOW | 2.3.1-1ubuntu4.20.04.1 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338
https://github.com/uclouvain/openjpeg/issues/1338
https://github.com/uclouvain/openjpeg/pull/1346
https://linux.oracle.com/cve/CVE-2021-29338.html
https://linux.oracle.com/errata/ELSA-2021-4251.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/

| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Click to expand!

http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

Click to expand!

https://bugs.python.org/issue36384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
https://docs.python.org/3/library/ipaddress.html
https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst
https://github.com/python/cpython/pull/12577
https://github.com/python/cpython/pull/25099
https://github.com/sickcodes
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md
https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
https://security.netapp.com/advisory/ntap-20210622-0003/
https://sick.codes/sick-2021-014
https://ubuntu.com/security/notices/USN-4973-1
https://ubuntu.com/security/notices/USN-4973-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html

Click to expand!

| | libpython3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | |

Click to expand!

Click to expand!

Click to expand!

| | libpython3.8-stdlib | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | |

Click to expand!

| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768

| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/

| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/

| | libtasn1-6 | CVE-2018-1000654 | LOW | 4.16.0-2 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Click to expand!

http://bugzilla.maptools.org/show_bug.cgi?id=2851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19143
https://gitlab.com/libtiff/libtiff/-/issues/158
https://gitlab.com/libtiff/libtiff/-/merge_requests/119
https://security.netapp.com/advisory/ntap-20211004-0005/
https://ubuntu.com/security/notices/USN-5084-1
https://www.debian.org/security/2021/dsa-4997

| | libtiff5 | CVE-2018-10126 | LOW | 4.1.0+git191117-2ubuntu0.20.04.1 | |

Click to expand!

http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Click to expand!

| | libxslt1.1 | CVE-2015-9019 | LOW | 1.1.34-4 | |

Click to expand!

https://bugzilla.gnome.org/show_bug.cgi?id=758400
https://bugzilla.suse.com/show_bug.cgi?id=934119
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9019

Click to expand!

Click to expand!

| | locales | CVE-2016-10228 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | locales | CVE-2019-25013 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | locales | CVE-2020-27618 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | locales | CVE-2020-29562 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | locales | CVE-2020-6096 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | locales | CVE-2021-27645 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | locales | CVE-2021-3326 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | locales | CVE-2021-33574 | LOW | 2.31-0ubuntu9.2 | |

Click to expand!

| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Click to expand!

https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235

| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Click to expand!

Click to expand!

http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c

Click to expand!

Click to expand!

| | python3.8 | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | |

Click to expand!

Click to expand!

Click to expand!

| | python3.8-minimal | CVE-2021-23336 | LOW | 3.8.10-0ubuntu1~20.04 | |

Click to expand!

Click to expand!

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
https://github.com/aawc/unrar/releases
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml

| | xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-2ubuntu1 | |

Click to expand!

http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| **python-pkg** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | SQLAlchemy-Utils | pyup.io-42194 | UNKNOWN | 0.37.8 | |

Click to expand!

Click to expand!

Click to expand!

https://github.com/advisories/GHSA-r8wq-qrxc-hmcm
https://github.com/python-ldap/python-ldap/issues/424
https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm

| | urllib3 | CVE-2021-33503 | HIGH | 1.25.11 | 1.26.5 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html