# Security Scan ## Helm-Chart ##### Scan Results 2021-12-04T19:24:35.015Z [34mINFO[0m Detected config files: 1 #### cloud9/templates/common.yaml **kubernetes** | No Vulnerabilities found | |:---------------------------------| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c tccr.io/truecharts/cloud9:version-1.29.2@sha256:4891fa151fe52c43719f0346124f29c81ed47be16cdc34554b8896b0cb80cb73 ##### Scan Results **Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c** 2021-12-04T19:25:01.448Z [34mINFO[0m Detected OS: alpine 2021-12-04T19:25:01.448Z [34mINFO[0m Detecting Alpine vulnerabilities... 2021-12-04T19:25:01.454Z [34mINFO[0m Number of language-specific files: 0 #### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Click to expand!

| | ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Click to expand!

| | ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Click to expand!

| **Container: tccr.io/truecharts/cloud9:version-1.29.2@sha256:4891fa151fe52c43719f0346124f29c81ed47be16cdc34554b8896b0cb80cb73** 2021-12-04T19:25:16.818Z [34mINFO[0m Detected OS: ubuntu 2021-12-04T19:25:16.818Z [34mINFO[0m Detecting Ubuntu vulnerabilities... 2021-12-04T19:25:16.823Z [34mINFO[0m Number of language-specific files: 1 2021-12-04T19:25:16.823Z [34mINFO[0m Detecting node-pkg vulnerabilities... #### tccr.io/truecharts/cloud9:version-1.29.2@sha256:4891fa151fe52c43719f0346124f29c81ed47be16cdc34554b8896b0cb80cb73 (ubuntu 18.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | |

Click to expand!

http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8

| | coreutils | CVE-2016-2781 | LOW | 8.28-1ubuntu1 | |

Click to expand!

http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/

| | dirmngr | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://twitter.com/lambdafu/status/1147162583969009664

Click to expand!

http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8

| | git | CVE-2018-1000021 | LOW | 1:2.17.1-1ubuntu0.9 | |

Click to expand!

http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021

| | git-man | CVE-2018-1000021 | LOW | 1:2.17.1-1ubuntu0.9 | |

Click to expand!

http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021

| | gnupg | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gnupg-l10n | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gnupg-utils | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gpg | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gpg-agent | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gpg-wks-client | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gpg-wks-server | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gpgconf | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gpgsm | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

| | gpgv | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |

Click to expand!

Click to expand!

http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217
https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/
https://security.netapp.com/advisory/ntap-20190416-0006/

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html

| | krb5-locales | CVE-2018-5709 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | krb5-locales | CVE-2018-5710 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)

| | libasn1-8-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455

| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions

Click to expand!

https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8

| | libc-bin | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://security.netapp.com/advisory/ntap-20190315-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=11053
https://sourceware.org/bugzilla/show_bug.cgi?id=18986
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672
https://support.f5.com/csp/article/K64119434
https://support.f5.com/csp/article/K64119434?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4954-1

| | libc-bin | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

http://www.openwall.com/lists/oss-security/2017/02/14/9
http://www.securityfocus.com/bid/76916
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8985
https://security.gentoo.org/glsa/201908-06

| | libc-bin | CVE-2016-10228 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224

| | libc-bin | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018

| | libc-bin | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc-bin | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224

| | libc-bin | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019

| | libc-bin | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html

| | libc-bin | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1

Click to expand!

Click to expand!

| | libc6 | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2016-10228 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | libc6 | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

Click to expand!

| | libgnutls30 | CVE-2018-16868 | LOW | 3.5.18-1ubuntu1.5 | |

Click to expand!

http://cat.eyalro.net/
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00068.html
http://www.securityfocus.com/bid/106080
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16868

Click to expand!

Click to expand!

| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

| | libgssapi-krb5-2 | CVE-2018-5710 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)

| | libgssapi3-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libhcrypto4-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libheimbase1-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libheimntlm0-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libhx509-5-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

Click to expand!

Click to expand!

| | libk5crypto3 | CVE-2018-5709 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

| | libk5crypto3 | CVE-2018-5710 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)

| | libkrb5-26-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

Click to expand!

Click to expand!

| | libkrb5-3 | CVE-2018-5709 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

| | libkrb5-3 | CVE-2018-5710 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)

Click to expand!

Click to expand!

| | libkrb5support0 | CVE-2018-5709 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

| | libkrb5support0 | CVE-2018-5710 | LOW | 1.16-2ubuntu0.2 | |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)

| | libncurses5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | libncurses5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | libncursesw5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

| | libncursesw5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html
https://access.redhat.com/errata/RHSA-2019:2692
https://access.redhat.com/errata/RHSA-2019:2745
https://access.redhat.com/errata/RHSA-2019:2746
https://access.redhat.com/errata/RHSA-2019:2775
https://access.redhat.com/errata/RHSA-2019:2799
https://access.redhat.com/errata/RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2949
https://access.redhat.com/errata/RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:2966
https://access.redhat.com/errata/RHSA-2019:3041
https://access.redhat.com/errata/RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3935
https://access.redhat.com/errata/RHSA-2019:4018
https://access.redhat.com/errata/RHSA-2019:4019
https://access.redhat.com/errata/RHSA-2019:4020
https://access.redhat.com/errata/RHSA-2019:4021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://kb.cert.org/vuls/id/605641/
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
https://linux.oracle.com/cve/CVE-2019-9511.html
https://linux.oracle.com/errata/ELSA-2020-5862.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BP556LEG3WENHZI5TAQ6ZEBFTJB4E2IS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUBYAF6ED3O4XCHQ5C2HYENJLXYXZC4M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZLUYPYY3RX4ZJDWZRJIKSULYRJ4PXW7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPAEC4FWL4UU4LDEGPY5NPALU24FFQD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TAZZEVTCN2B4WT6AIBJ7XGYJMBTORJU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XHTKU7YQ5EEP2XNSAV4M4VJ7QCBOJMOD/
https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
https://seclists.org/bugtraq/2019/Aug/40
https://seclists.org/bugtraq/2019/Sep/1
https://security.netapp.com/advisory/ntap-20190823-0002/
https://security.netapp.com/advisory/ntap-20190823-0005/
https://support.f5.com/csp/article/K02591030
https://support.f5.com/csp/article/K02591030?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4099-1
https://usn.ubuntu.com/4099-1/
https://www.debian.org/security/2019/dsa-4505
https://www.debian.org/security/2019/dsa-4511
https://www.debian.org/security/2020/dsa-4669
https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.synology.com/security/advisory/Synology_SA_19_33

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html
https://access.redhat.com/errata/RHSA-2019:2692
https://access.redhat.com/errata/RHSA-2019:2745
https://access.redhat.com/errata/RHSA-2019:2746
https://access.redhat.com/errata/RHSA-2019:2775
https://access.redhat.com/errata/RHSA-2019:2799
https://access.redhat.com/errata/RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2949
https://access.redhat.com/errata/RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:2966
https://access.redhat.com/errata/RHSA-2019:3041
https://access.redhat.com/errata/RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://kb.cert.org/vuls/id/605641/
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
https://linux.oracle.com/cve/CVE-2019-9513.html
https://linux.oracle.com/errata/ELSA-2019-2925.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUBYAF6ED3O4XCHQ5C2HYENJLXYXZC4M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZLUYPYY3RX4ZJDWZRJIKSULYRJ4PXW7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPAEC4FWL4UU4LDEGPY5NPALU24FFQD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TAZZEVTCN2B4WT6AIBJ7XGYJMBTORJU5/
https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/
https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
https://seclists.org/bugtraq/2019/Aug/40
https://seclists.org/bugtraq/2019/Sep/1
https://security.netapp.com/advisory/ntap-20190823-0002/
https://security.netapp.com/advisory/ntap-20190823-0005/
https://support.f5.com/csp/article/K02591030
https://support.f5.com/csp/article/K02591030?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4099-1
https://usn.ubuntu.com/4099-1/
https://www.debian.org/security/2019/dsa-4505
https://www.debian.org/security/2019/dsa-4511
https://www.debian.org/security/2020/dsa-4669
https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.synology.com/security/advisory/Synology_SA_19_33

| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-9 | |

Click to expand!

http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-9 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-9 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

Click to expand!

http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c

| | libroken18-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768

| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.22.0-1ubuntu0.4 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/

| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.22.0-1ubuntu0.4 | |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/

Click to expand!

| | libtasn1-6 | CVE-2018-1000654 | LOW | 4.13-2 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libtinfo5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

| | libtinfo5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | libwind0-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |

Click to expand!

Click to expand!

Click to expand!

| | locales | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2016-10228 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | locales | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | login | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |

Click to expand!

https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235

| | login | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | |

Click to expand!

https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09

Click to expand!

Click to expand!

| | multiarch-support | CVE-2009-5155 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2015-8985 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2016-10228 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | multiarch-support | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |

Click to expand!

| | ncurses-base | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

| | ncurses-base | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | ncurses-bin | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

| | ncurses-bin | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28

| | passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |

Click to expand!

| | passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | |

Click to expand!

Click to expand!

Click to expand!

Click to expand!

| **node-pkg** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bl | CVE-2020-8244 | MEDIUM | 1.1.2 | 2.2.1, 1.2.3, 4.0.3, 3.0.1 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8244
https://github.com/advisories/GHSA-pp7h-53gx-mx7r
https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e
https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190
https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466
https://hackerone.com/reports/966347
https://nvd.nist.gov/vuln/detail/CVE-2020-8244
https://ubuntu.com/security/notices/USN-5098-1

| | brace-expansion | CVE-2017-18077 | HIGH | 1.1.3 | 1.1.7 |

Click to expand!

https://bugs.debian.org/862712
https://github.com/advisories/GHSA-832h-xg76-4gv6
https://github.com/juliangruber/brace-expansion/issues/33
https://github.com/juliangruber/brace-expansion/pull/35
https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3
https://nodesecurity.io/advisories/338
https://nvd.nist.gov/vuln/detail/CVE-2017-18077
https://www.npmjs.com/advisories/338

Click to expand!

https://github.com/juliangruber/brace-expansion/issues/33
https://github.com/juliangruber/brace-expansion/pull/35
https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3

| | brace-expansion | CVE-2017-18077 | HIGH | 1.1.4 | 1.1.7 |

Click to expand!

Click to expand!

| | brace-expansion | CVE-2017-18077 | HIGH | 1.1.5 | 1.1.7 |

Click to expand!

Click to expand!

Click to expand!

https://gist.github.com/ChALkeR/c2d2fd3f1d72d51ad883df195be03a85
https://github.com/advisories/GHSA-g74r-ffvr-5q9f
https://github.com/maxogden/concat-stream/pull/47
https://github.com/maxogden/concat-stream/pull/47/commits/3e285ba5e5b10b7c98552217f5c1023829efe69e
https://nodesecurity.io/advisories/597
https://www.npmjs.com/advisories/597

Click to expand!

https://gist.github.com/ChALkeR/c2d2fd3f1d72d51ad883df195be03a85
https://github.com/maxogden/concat-stream/pull/47

| | cookie-signature | CVE-2016-1000236 | MEDIUM | 1.0.1 | >=1.0.6 |

Click to expand!

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838618
https://bugzilla.redhat.com/show_bug.cgi?id=1371409
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000236
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000236
https://github.com/advisories/GHSA-92vm-wfm5-mxvv
https://github.com/tj/node-cookie-signature/commit/2c4df6b6cee540f30876198cd0b5bebf28528c07
https://github.com/tj/node-cookie-signature/commit/39791081692e9e14aa62855369e1c7f80fbfd50e
https://github.com/tj/node-cookie-signature/commit/4cc5e21e7f59a4ea0b51cd5e9634772d48fab590
https://nodesecurity.io/advisories/134
https://nvd.nist.gov/vuln/detail/CVE-2016-1000236
https://security-tracker.debian.org/tracker/CVE-2016-1000236
https://travis-ci.com/nodejs/security-wg/builds/76423102
https://www.mail-archive.com/secure-testing-team@lists.alioth.debian.org/msg06583.html
https://www.npmjs.com/advisories/134

| | cryptiles | CVE-2018-1000620 | CRITICAL | 2.0.5 | 4.1.2 |

Click to expand!

https://github.com/advisories/GHSA-rq8g-5pc5-wrhr
https://github.com/hapijs/cryptiles/issues/34
https://github.com/nodejs/security-wg/blob/master/vuln/npm/476.json
https://nvd.nist.gov/vuln/detail/CVE-2018-1000620
https://www.npmjs.com/advisories/1464
https://www.npmjs.com/advisories/720

| | debug | CVE-2017-16137 | MEDIUM | 0.7.4 | 3.1.0, 2.6.9 |

Click to expand!

https://github.com/advisories/GHSA-gxpj-cx7g-858c
https://github.com/visionmedia/debug/issues/501
https://github.com/visionmedia/debug/pull/504
https://lists.apache.org/thread.html/r8ba4c628fba7181af58817d452119481adce4ba92e889c643e4c7dd3@%3Ccommits.netbeans.apache.org%3E
https://lists.apache.org/thread.html/rb5ac16fad337d1f3bb7079549f97d8166d0ef3082629417c39f12d63@%3Cnotifications.netbeans.apache.org%3E
https://nodesecurity.io/advisories/534
https://nvd.nist.gov/vuln/detail/CVE-2017-16137
https://www.npmjs.com/advisories/534

| | debug | CVE-2017-16137 | MEDIUM | 2.2.0 | 3.1.0, 2.6.9 |

Click to expand!

| | deep-extend | CVE-2018-3750 | CRITICAL | 0.4.1 | 0.5.1 |

Click to expand!

https://github.com/advisories/GHSA-hr2v-3952-633q
https://hackerone.com/reports/311333
https://nodesecurity.io/advisories/612
https://nvd.nist.gov/vuln/detail/CVE-2018-3750
https://www.npmjs.com/advisories/612

| | deep-extend | NSWG-ECO-408 | LOW | 0.4.1 | >=0.5.1 |

Click to expand!

https://hackerone.com/reports/311333

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1552148
https://github.com/advisories/GHSA-h6ch-v84p-w6p9
https://github.com/kpdecker/jsdiff/commit/2aec4298639bf30fb88a00b356bf404d3551b8c0
https://snyk.io/vuln/npm:diff:20180305
https://www.npmjs.com/advisories/1631
https://www.whitesourcesoftware.com/vulnerability-database/WS-2018-0590

| | ejs | CVE-2017-1000228 | CRITICAL | 1.0.0 | 2.5.5 |

Click to expand!

http://www.securityfocus.com/bid/101897
https://github.com/advisories/GHSA-3w5v-p54c-f74x
https://nvd.nist.gov/vuln/detail/CVE-2017-1000228
https://snyk.io/vuln/npm:ejs:20161128

| | ejs | CVE-2017-1000189 | HIGH | 1.0.0 | 2.5.5 |

Click to expand!

http://www.securityfocus.com/bid/101893
https://github.com/advisories/GHSA-6x77-rpqf-j6mw
https://github.com/mde/ejs/commit/49264e0037e313a0a3e033450b5c184112516d8f
https://nvd.nist.gov/vuln/detail/CVE-2017-1000189
https://snyk.io/vuln/npm:ejs:20161130-1

| | ejs | CVE-2017-1000188 | MEDIUM | 1.0.0 | 2.5.5 |

Click to expand!

http://www.securityfocus.com/bid/101889
https://github.com/advisories/GHSA-hwcf-pp87-7x6p
https://github.com/mde/ejs/commit/49264e0037e313a0a3e033450b5c184112516d8f
https://nvd.nist.gov/vuln/detail/CVE-2017-1000188
https://snyk.io/vuln/npm:ejs:20161130

| | extend | CVE-2018-16492 | CRITICAL | 3.0.0 | 2.0.2, 3.0.2 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16492
https://github.com/advisories/GHSA-qrmc-fj45-qfc2
https://hackerone.com/reports/381185
https://nvd.nist.gov/vuln/detail/CVE-2018-16492
https://snyk.io/vuln/npm:extend:20180424
https://www.npmjs.com/advisories/996

| | fresh | CVE-2017-16119 | HIGH | 0.2.0 | 0.5.2 |

Click to expand!

https://github.com/advisories/GHSA-9qj9-36jm-prpv
https://nodesecurity.io/advisories/526
https://nvd.nist.gov/vuln/detail/CVE-2017-16119
https://www.npmjs.com/advisories/526

| | fstream | CVE-2019-13173 | HIGH | 1.0.10 | 1.0.12 |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00052.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13173
https://github.com/advisories/GHSA-xf7w-r453-m56c
https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22
https://nvd.nist.gov/vuln/detail/CVE-2019-13173
https://ubuntu.com/security/notices/USN-4123-1
https://usn.ubuntu.com/4123-1/
https://www.npmjs.com/advisories/886

| | fstream | CVE-2019-13173 | HIGH | 1.0.9 | 1.0.12 |

Click to expand!

| | growl | CVE-2017-16042 | CRITICAL | 1.7.0 | 1.10.0 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16042
https://github.com/advisories/GHSA-qh2h-chj9-jffq
https://github.com/tj/node-growl/issues/60
https://github.com/tj/node-growl/pull/61
https://nodesecurity.io/advisories/146
https://nvd.nist.gov/vuln/detail/CVE-2017-16042
https://www.npmjs.com/advisories/146

| | hoek | CVE-2018-3728 | HIGH | 2.16.3 | >=5.0.3 >=4.2.1 |

Click to expand!

http://www.securityfocus.com/bid/103108
https://access.redhat.com/errata/RHSA-2018:1263
https://access.redhat.com/errata/RHSA-2018:1264
https://github.com/advisories/GHSA-jp4x-w63m-7wgm
https://github.com/hapijs/hoek/commit/32ed5c9413321fbc37da5ca81a7cbab693786dee
https://hackerone.com/reports/310439
https://nodesecurity.io/advisories/566
https://nvd.nist.gov/vuln/detail/CVE-2018-3728
https://snyk.io/vuln/npm:hoek:20180212
https://www.npmjs.com/advisories/566

| | hosted-git-info | CVE-2021-23362 | MEDIUM | 2.1.5 | 2.8.9, 3.0.8 |

Click to expand!

https://github.com/advisories/GHSA-43f8-2h32-f4cj
https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7
https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01
https://github.com/npm/hosted-git-info/commit/bede0dc38e1785e732bf0a48ba6f81a4a908eba3
https://github.com/npm/hosted-git-info/commits/v2
https://github.com/npm/hosted-git-info/pull/76
https://linux.oracle.com/cve/CVE-2021-23362.html
https://linux.oracle.com/errata/ELSA-2021-3074.html
https://nvd.nist.gov/vuln/detail/CVE-2021-23362
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1088356
https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355

| | ini | CVE-2020-7788 | HIGH | 1.3.4 | 1.3.6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788
https://github.com/advisories/GHSA-qqgx-2p2h-9c37
https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1
https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 (v1.3.6)
https://linux.oracle.com/cve/CVE-2020-7788.html
https://linux.oracle.com/errata/ELSA-2021-0551.html
https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7788
https://snyk.io/vuln/SNYK-JS-INI-1048974
https://www.npmjs.com/advisories/1589

| | ini | CVE-2020-7788 | HIGH | 1.3.5 | 1.3.6 |

Click to expand!

| | is-my-json-valid | CVE-2016-2537 | HIGH | 2.13.1 | 1.4.1, 2.17.2 |

Click to expand!

https://github.com/advisories/GHSA-f522-ffg8-j8r6
https://github.com/mafintosh/is-my-json-valid/commit/b3051b277f7caa08cd2edc6f74f50aeda65d2976
https://github.com/mafintosh/is-my-json-valid/commit/eca4beb21e61877d76fdf6bea771f72f39544d9b
https://github.com/mafintosh/is-my-json-valid/pull/159
https://hackerone.com/reports/317548
https://nodesecurity.io/advisories/76
https://nvd.nist.gov/vuln/detail/CVE-2016-2537
https://www.npmjs.com/advisories/572
https://www.npmjs.com/advisories/76
https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | is-my-json-valid | NSWG-ECO-375 | LOW | 2.13.1 | >=1.4.1 <2.0.0, >=2.17.2 |

Click to expand!

https://github.com/mafintosh/is-my-json-valid/commit/b3051b277f7caa08cd2edc6f74f50aeda65d2976
https://github.com/mafintosh/is-my-json-valid/pull/159
https://hackerone.com/reports/317548

| | json-schema | CVE-2021-3918 | CRITICAL | 0.2.2 | 0.4.0 |

Click to expand!

https://github.com/advisories/GHSA-896r-f27r-55mw
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
https://nvd.nist.gov/vuln/detail/CVE-2021-3918

| | json-schema | CVE-2021-3918 | CRITICAL | 0.2.3 | 0.4.0 |

Click to expand!

| | jsonpointer | CVE-2021-23807 | CRITICAL | 2.0.0 | 5.0.0 |

Click to expand!

https://github.com/advisories/GHSA-282f-qqgm-c34q
https://github.com/janl/node-jsonpointer/commit/a0345f3550cd9c4d89f33b126390202b89510ad4
https://github.com/janl/node-jsonpointer/pull/51
https://nvd.nist.gov/vuln/detail/CVE-2021-23807
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910273
https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288

| | lodash | CVE-2019-10744 | CRITICAL | 1.3.1 | 4.17.12 |

Click to expand!

https://access.redhat.com/errata/RHSA-2019:3024
https://github.com/advisories/GHSA-jf85-cpcp-j695
https://github.com/lodash/lodash/pull/4336
https://nvd.nist.gov/vuln/detail/CVE-2019-10744
https://security.netapp.com/advisory/ntap-20191004-0005/
https://snyk.io/vuln/SNYK-JS-LODASH-450202
https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS
https://www.npmjs.com/advisories/1065
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html

| | lodash | CVE-2020-8203 | HIGH | 1.3.1 | 4.17.19 |

Click to expand!

https://github.com/advisories/GHSA-p6mc-m468-83gw
https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12
https://github.com/lodash/lodash/issues/4744
https://github.com/lodash/lodash/issues/4874
https://hackerone.com/reports/712065
https://nvd.nist.gov/vuln/detail/CVE-2020-8203
https://security.netapp.com/advisory/ntap-20200724-0006/
https://www.npmjs.com/advisories/1523
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html

| | lodash | CVE-2021-23337 | HIGH | 1.3.1 | 4.17.21 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337
https://github.com/advisories/GHSA-35jh-r3h4-6jhm
https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851
https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851
https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c
https://nvd.nist.gov/vuln/detail/CVE-2021-23337
https://security.netapp.com/advisory/ntap-20210312-0006/
https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929
https://snyk.io/vuln/SNYK-JS-LODASH-1040724
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html

| | lodash | CVE-2018-16487 | MEDIUM | 1.3.1 | >=4.17.11 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487
https://github.com/advisories/GHSA-4xc9-xhrj-v574
https://hackerone.com/reports/380873
https://nvd.nist.gov/vuln/detail/CVE-2018-16487
https://security.netapp.com/advisory/ntap-20190919-0004/
https://www.npmjs.com/advisories/782

| | lodash | CVE-2018-3721 | MEDIUM | 1.3.1 | >=4.17.5 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721
https://github.com/advisories/GHSA-fvqr-27wr-82fm
https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a
https://hackerone.com/reports/310443
https://nvd.nist.gov/vuln/detail/CVE-2018-3721
https://security.netapp.com/advisory/ntap-20190919-0004/
https://snyk.io/vuln/npm:lodash:20180130
https://www.npmjs.com/advisories/577

| | lodash | CVE-2019-1010266 | MEDIUM | 1.3.1 | 4.17.11 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266
https://github.com/advisories/GHSA-x5rq-j2xg-h7qm
https://github.com/lodash/lodash/commit/5c08f18d365b64063bfbfa686cbb97cdd6267347
https://github.com/lodash/lodash/issues/3359
https://github.com/lodash/lodash/wiki/Changelog
https://nvd.nist.gov/vuln/detail/CVE-2019-1010266
https://security.netapp.com/advisory/ntap-20190919-0004/
https://snyk.io/vuln/SNYK-JS-LODASH-73639

| | mime | CVE-2017-16138 | HIGH | 1.2.11 | 2.0.3, 1.4.1 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16138
https://github.com/advisories/GHSA-wrvr-8mpx-r7pp
https://github.com/broofa/node-mime/commit/1df903fdeb9ae7eaa048795b8d580ce2c98f40b0 (2.x)
https://github.com/broofa/node-mime/commit/855d0c4b8b22e4a80b9401a81f2872058eae274d (1.x)
https://github.com/broofa/node-mime/issues/167
https://nodesecurity.io/advisories/535
https://nvd.nist.gov/vuln/detail/CVE-2017-16138
https://www.npmjs.com/advisories/535

| | mime | CVE-2017-16138 | HIGH | 1.2.7 | 2.0.3, 1.4.1 |

Click to expand!

| | minimatch | CVE-2016-10540 | HIGH | 0.2.14 | 3.0.2 |

Click to expand!

https://github.com/advisories/GHSA-hxm2-r34f-qmc5
https://nodesecurity.io/advisories/118
https://nvd.nist.gov/vuln/detail/CVE-2016-10540
https://www.npmjs.com/advisories/118

Click to expand!

https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | minimatch | CVE-2016-10540 | HIGH | 0.3.0 | 3.0.2 |

Click to expand!

https://github.com/advisories/GHSA-hxm2-r34f-qmc5
https://nodesecurity.io/advisories/118
https://nvd.nist.gov/vuln/detail/CVE-2016-10540
https://www.npmjs.com/advisories/118

Click to expand!

https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | minimatch | CVE-2016-10540 | HIGH | 1.0.0 | 3.0.2 |

Click to expand!

https://github.com/advisories/GHSA-hxm2-r34f-qmc5
https://nodesecurity.io/advisories/118
https://nvd.nist.gov/vuln/detail/CVE-2016-10540
https://www.npmjs.com/advisories/118

Click to expand!

https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | minimatch | CVE-2016-10540 | HIGH | 2.0.10 | 3.0.2 |

Click to expand!

https://github.com/advisories/GHSA-hxm2-r34f-qmc5
https://nodesecurity.io/advisories/118
https://nvd.nist.gov/vuln/detail/CVE-2016-10540
https://www.npmjs.com/advisories/118

Click to expand!

https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | minimatch | CVE-2016-10540 | HIGH | 3.0.0 | 3.0.2 |

Click to expand!

https://github.com/advisories/GHSA-hxm2-r34f-qmc5
https://nodesecurity.io/advisories/118
https://nvd.nist.gov/vuln/detail/CVE-2016-10540
https://www.npmjs.com/advisories/118

Click to expand!

https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | minimist | CVE-2020-7598 | MEDIUM | 0.0.10 | 1.2.3, 0.2.1 |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
https://github.com/advisories/GHSA-vh95-rmgr-6w4m
https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab
https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95
https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
https://linux.oracle.com/cve/CVE-2020-7598.html
https://linux.oracle.com/errata/ELSA-2020-2852.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7598
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
https://www.npmjs.com/advisories/1179

| | minimist | CVE-2020-7598 | MEDIUM | 0.0.8 | 1.2.3, 0.2.1 |

Click to expand!

| | minimist | CVE-2020-7598 | MEDIUM | 1.2.0 | 1.2.3, 0.2.1 |

Click to expand!

| | moment | CVE-2017-18214 | HIGH | 2.1.0 | 2.19.3 |

Click to expand!

https://github.com/advisories/GHSA-446m-mv8f-q348
https://github.com/moment/moment/issues/4163
https://github.com/moment/moment/pull/4326
https://nodesecurity.io/advisories/532
https://nvd.nist.gov/vuln/detail/CVE-2017-18214
https://www.npmjs.com/advisories/532
https://www.tenable.com/security/tns-2019-02

| | moment | CVE-2016-4055 | MEDIUM | 2.1.0 | >=2.11.2 |

Click to expand!

http://www.openwall.com/lists/oss-security/2016/04/20/11
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.securityfocus.com/bid/95849
https://github.com/advisories/GHSA-87vv-r9j6-g5qv
https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E
https://nodesecurity.io/advisories/55
https://nvd.nist.gov/vuln/detail/CVE-2016-4055
https://www.npmjs.com/advisories/55
https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS
https://www.tenable.com/security/tns-2019-02

| | ms | CVE-2015-8315 | HIGH | 0.3.0 | >0.7.0 |

Click to expand!

http://www.openwall.com/lists/oss-security/2016/04/20/11
http://www.securityfocus.com/bid/96389
https://github.com/advisories/GHSA-3fx5-fwvr-xrjg
https://github.com/unshiftio/millisecond/pull/4
https://nodesecurity.io/advisories/46
https://nvd.nist.gov/vuln/detail/CVE-2015-8315
https://support.f5.com/csp/article/K46337613?utm_source=f5support&utm_medium=RSS
https://www.npmjs.com/advisories/46
https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | negotiator | CVE-2016-10539 | HIGH | 0.3.0 | 0.6.1 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10539
https://github.com/advisories/GHSA-7mc5-chhp-fmc3
https://nodesecurity.io/advisories/106
https://nvd.nist.gov/vuln/detail/CVE-2016-10539
https://www.npmjs.com/advisories/106

Click to expand!

https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | negotiator | CVE-2016-10539 | HIGH | 0.4.9 | 0.6.1 |

Click to expand!

Click to expand!

https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

| | npm | CVE-2019-16776 | HIGH | 3.10.3 | 6.13.3 |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html
https://access.redhat.com/errata/RHEA-2020:0330
https://access.redhat.com/errata/RHSA-2020:0573
https://access.redhat.com/errata/RHSA-2020:0579
https://access.redhat.com/errata/RHSA-2020:0597
https://access.redhat.com/errata/RHSA-2020:0602
https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
https://github.com/advisories/GHSA-x8qc-rrcw-4r46
https://github.com/npm/cli/security/advisories/GHSA-x8qc-rrcw-4r46
https://linux.oracle.com/cve/CVE-2019-16776.html
https://linux.oracle.com/errata/ELSA-2020-0579.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/
https://nvd.nist.gov/vuln/detail/CVE-2019-16776
https://www.npmjs.com/advisories/1436
https://www.oracle.com/security-alerts/cpujan2020.html

| | npm | CVE-2019-16775 | MEDIUM | 3.10.3 | 6.13.3 |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html
https://access.redhat.com/errata/RHEA-2020:0330
https://access.redhat.com/errata/RHSA-2020:0573
https://access.redhat.com/errata/RHSA-2020:0579
https://access.redhat.com/errata/RHSA-2020:0597
https://access.redhat.com/errata/RHSA-2020:0602
https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
https://github.com/advisories/GHSA-m6cx-g6qm-p2cx
https://github.com/npm/cli/security/advisories/GHSA-m6cx-g6qm-p2cx
https://linux.oracle.com/cve/CVE-2019-16775.html
https://linux.oracle.com/errata/ELSA-2020-0579.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/
https://nvd.nist.gov/vuln/detail/CVE-2019-16775
https://www.npmjs.com/advisories/1434
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html

| | npm | CVE-2019-16777 | MEDIUM | 3.10.3 | 6.13.4 |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html
https://access.redhat.com/errata/RHEA-2020:0330
https://access.redhat.com/errata/RHSA-2020:0573
https://access.redhat.com/errata/RHSA-2020:0579
https://access.redhat.com/errata/RHSA-2020:0597
https://access.redhat.com/errata/RHSA-2020:0602
https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
https://github.com/advisories/GHSA-4328-8hgf-7wjr
https://github.com/npm/cli/security/advisories/GHSA-4328-8hgf-7wjr
https://linux.oracle.com/cve/CVE-2019-16777.html
https://linux.oracle.com/errata/ELSA-2020-0579.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/
https://nvd.nist.gov/vuln/detail/CVE-2019-16777
https://security.gentoo.org/glsa/202003-48
https://www.npmjs.com/advisories/1437
https://www.oracle.com/security-alerts/cpujan2020.html

| | npm | CVE-2020-15095 | MEDIUM | 3.10.3 | 6.14.6 |

Click to expand!

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.html
https://github.com/advisories/GHSA-93f3-23rq-pjfp
https://github.com/npm/cli/blob/66aab417f836a901f8afb265251f761bb0422463/CHANGELOG.md#6146-2020-07-07
https://github.com/npm/cli/commit/a9857b8f6869451ff058789c4631fadfde5bbcbc
https://github.com/npm/cli/security/advisories/GHSA-93f3-23rq-pjfp
https://linux.oracle.com/cve/CVE-2020-15095.html
https://linux.oracle.com/errata/ELSA-2021-0548.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/
https://nvd.nist.gov/vuln/detail/CVE-2020-15095
https://security.gentoo.org/glsa/202101-07

| | npm-user-validate | CVE-2020-7754 | HIGH | 0.1.4 | 1.0.1 |

Click to expand!

https://github.com/advisories/GHSA-pw54-mh39-w3hc
https://github.com/npm/npm-user-validate/commit/c8a87dac1a4cc6988b5418f30411a8669bef204e
https://github.com/npm/npm-user-validate/security/advisories/GHSA-xgh6-85xh-479p
https://linux.oracle.com/cve/CVE-2020-7754.html
https://linux.oracle.com/errata/ELSA-2021-0551.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7754
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1019353
https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352

| | npm-user-validate | GHSA-xgh6-85xh-479p | LOW | 0.1.4 | 1.0.1 |

Click to expand!

https://github.com/advisories/GHSA-xgh6-85xh-479p
https://github.com/npm/npm-user-validate/security/advisories/GHSA-xgh6-85xh-479p

| | parsejson | CVE-2017-16113 | HIGH | 0.0.1 | |

Click to expand!

https://github.com/advisories/GHSA-q75g-2496-mxpp
https://github.com/get/parsejson/issues/4
https://nodesecurity.io/advisories/528
https://nvd.nist.gov/vuln/detail/CVE-2017-16113
https://www.npmjs.com/advisories/528

| | qs | CVE-2014-10064 | HIGH | 0.6.6 | 1.0.0 |

Click to expand!

https://github.com/advisories/GHSA-f9cm-p3w6-xvr3
https://nodesecurity.io/advisories/28
https://nvd.nist.gov/vuln/detail/CVE-2014-10064
https://www.npmjs.com/advisories/28

| | qs | CVE-2017-1000048 | HIGH | 0.6.6 | 6.3.2, 6.2.3, 6.1.2, 6.0.4 |

Click to expand!

https://access.redhat.com/errata/RHSA-2017:2672
https://github.com/advisories/GHSA-gqgv-6jq5-jjj9
https://github.com/ljharb/qs/commit/beade029171b8cef9cee0d03ebe577e2dd84976d
https://github.com/ljharb/qs/issues/200
https://nvd.nist.gov/vuln/detail/CVE-2017-1000048
https://snyk.io/vuln/npm:qs:20170213
https://www.npmjs.com/advisories/1469

| | qs | CVE-2014-7191 | MEDIUM | 0.6.6 | >= 1.x |

Click to expand!

http://secunia.com/advisories/60026
http://secunia.com/advisories/62170
http://www-01.ibm.com/support/docview.wss?uid=swg21685987
http://www-01.ibm.com/support/docview.wss?uid=swg21687263
http://www-01.ibm.com/support/docview.wss?uid=swg21687928
https://access.redhat.com/errata/RHSA-2016:1380
https://exchange.xforce.ibmcloud.com/vulnerabilities/96729
https://github.com/advisories/GHSA-jjv7-qpx3-h62q
https://github.com/raymondfeng/node-querystring/commit/43a604b7847e56bba49d0ce3e222fe89569354d8
https://github.com/visionmedia/node-querystring/issues/104
https://nodesecurity.io/advisories/qs_dos_memory_exhaustion
https://nvd.nist.gov/vuln/detail/CVE-2014-7191
https://www.npmjs.com/advisories/29

| | qs | NSWG-ECO-28 | MEDIUM | 0.6.6 | >= 1.x |

Click to expand!

| | qs | CVE-2017-1000048 | HIGH | 6.1.0 | 6.3.2, 6.2.3, 6.1.2, 6.0.4 |

Click to expand!

| | request | CVE-2017-16026 | MEDIUM | 2.12.0 | 2.68.0, 2.68.0 |

Click to expand!

https://github.com/advisories/GHSA-7xfp-9c55-5vqj
https://github.com/request/request/issues/1904
https://github.com/request/request/pull/2018
https://nodesecurity.io/advisories/309
https://nvd.nist.gov/vuln/detail/CVE-2017-16026
https://www.npmjs.com/advisories/309

Click to expand!

https://github.com/request/request/issues/1904
https://github.com/request/request/pull/2018

| | send | CVE-2014-6394 | HIGH | 0.1.4 | >= 0.8.4 |

Click to expand!

http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139938.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140020.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139415.html
http://secunia.com/advisories/62170
http://www-01.ibm.com/support/docview.wss?uid=swg21687263
http://www.openwall.com/lists/oss-security/2014/09/24/1
http://www.openwall.com/lists/oss-security/2014/09/30/10
http://www.securityfocus.com/bid/70100
https://bugzilla.redhat.com/show_bug.cgi?id=1146063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6394
https://exchange.xforce.ibmcloud.com/vulnerabilities/96727
https://github.com/advisories/GHSA-xwg4-93c6-3h42
https://github.com/visionmedia/send/commit/9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a
https://github.com/visionmedia/send/pull/59
https://nodesecurity.io/advisories/send-directory-traversal
https://nvd.nist.gov/vuln/detail/CVE-2014-6394
https://support.apple.com/HT205217
https://www.npmjs.com/advisories/32

| | send | CVE-2015-8859 | MEDIUM | 0.1.4 | >=0.11.1 |

Click to expand!

http://www.openwall.com/lists/oss-security/2016/04/20/11
http://www.securityfocus.com/bid/96435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8859
https://github.com/advisories/GHSA-jgqf-hwc5-hh37
https://github.com/expressjs/serve-static/blob/master/HISTORY.md#181--2015-01-20
https://github.com/pillarjs/send/pull/70
https://nodesecurity.io/advisories/56
https://nvd.nist.gov/vuln/detail/CVE-2015-8859
https://www.npmjs.com/advisories/56

Click to expand!

http://www.openwall.com/lists/oss-security/2015/01/23/2
https://github.com/advisories/GHSA-xqg8-cv3h-xppv
https://github.com/sequelize/sequelize/issues/2906
https://github.com/sequelize/sequelize/pull/2919
https://nodesecurity.io/advisories/sequelize-sql-injection-order
https://nvd.nist.gov/vuln/detail/CVE-2015-1369
https://www.npmjs.com/advisories/33

| | sql | GHSA-8f93-rv4p-x4jw | MEDIUM | 0.26.0 | |

Click to expand!

https://github.com/advisories/GHSA-8f93-rv4p-x4jw
https://hackerone.com/reports/319465
https://nodesecurity.io/advisories/662
https://www.npmjs.com/advisories/662

| | sql | NSWG-ECO-432 | MEDIUM | 0.26.0 | |

Click to expand!

https://hackerone.com/reports/319465

| | sshpk | CVE-2018-3737 | HIGH | 1.7.4 | 1.13.2 |

Click to expand!

https://github.com/advisories/GHSA-2m39-62fm-q8r3
https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17
https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957
https://hackerone.com/reports/319593
https://nvd.nist.gov/vuln/detail/CVE-2018-3737
https://www.npmjs.com/advisories/606

Click to expand!

https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17
https://hackerone.com/reports/319593

| | sshpk | CVE-2018-3737 | HIGH | 1.8.3 | 1.13.2 |

Click to expand!

Click to expand!

https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17
https://hackerone.com/reports/319593

| | stringstream | CVE-2018-21270 | MEDIUM | 0.0.5 | 0.0.6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21270
https://github.com/advisories/GHSA-mf6x-7mm4-x2g7
https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32
https://github.com/mhart/StringStream/commit/afbc7442220358419e330618e47f3a65fc265b1b
https://github.com/mhart/StringStream/issues/7
https://hackerone.com/reports/321670
https://www.npmjs.com/advisories/664

Click to expand!

https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32
https://hackerone.com/reports/321670

| | tar | CVE-2018-20834 | HIGH | 2.2.1 | 4.4.2, 2.2.2 |

Click to expand!

https://access.redhat.com/errata/RHSA-2019:1821
https://github.com/advisories/GHSA-j44m-qm6p-hp7m
https://github.com/npm/node-tar/commit/7ecef07da6a9e72cc0c4d0c9c6a8e85b6b52395d
https://github.com/npm/node-tar/commit/b0c58433c22f5e7fe8b1c76373f27e3f81dcd4c8
https://github.com/npm/node-tar/commits/v2.2.2
https://github.com/npm/node-tar/compare/58a8d43...a5f7779
https://hackerone.com/reports/344595
https://nvd.nist.gov/vuln/detail/CVE-2018-20834
https://www.npmjs.com/advisories/803

| | tar | CVE-2021-32803 | HIGH | 2.2.1 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 |

Click to expand!

https://github.com/advisories/GHSA-r628-mhmh-qjhw
https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20
https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw
https://linux.oracle.com/cve/CVE-2021-32803.html
https://linux.oracle.com/errata/ELSA-2021-3666.html
https://nvd.nist.gov/vuln/detail/CVE-2021-32803
https://www.npmjs.com/advisories/1771
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html

| | tar | CVE-2021-32804 | HIGH | 2.2.1 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 |

Click to expand!

https://github.com/advisories/GHSA-3jfq-g458-7qm9
https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4
https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9
https://linux.oracle.com/cve/CVE-2021-32804.html
https://linux.oracle.com/errata/ELSA-2021-3666.html
https://nvd.nist.gov/vuln/detail/CVE-2021-32804
https://www.npmjs.com/advisories/1770
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html

| | tar | CVE-2021-37701 | HIGH | 2.2.1 | 6.1.7, 5.0.8, 4.4.16 |

Click to expand!

https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html

| | tar | CVE-2021-37712 | HIGH | 2.2.1 | 6.1.9, 5.0.10, 4.4.18 |

Click to expand!

https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html

| | tar | CVE-2021-37713 | HIGH | 2.2.1 | 6.1.9, 5.0.10, 4.4.18 |

Click to expand!

https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html

| | tough-cookie | CVE-2017-15010 | HIGH | 2.2.2 | 2.3.3 |

Click to expand!

http://www.securityfocus.com/bid/101185
https://access.redhat.com/errata/RHSA-2017:2912
https://access.redhat.com/errata/RHSA-2017:2913
https://access.redhat.com/errata/RHSA-2018:1263
https://access.redhat.com/errata/RHSA-2018:1264
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15010
https://github.com/advisories/GHSA-g7q5-pjjr-gqvp
https://github.com/salesforce/tough-cookie/issues/92
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6VEBDTGNHVM677SLZDEHMWOP3ISMZSFT/
https://nodesecurity.io/advisories/525
https://nvd.nist.gov/vuln/detail/CVE-2017-15010
https://snyk.io/vuln/npm:tough-cookie:20170905
https://www.npmjs.com/advisories/525

| | tough-cookie | CVE-2016-1000232 | MEDIUM | 2.2.2 | >=2.3.0 |

Click to expand!

https://access.redhat.com/errata/RHSA-2016:2101
https://access.redhat.com/errata/RHSA-2017:2912
https://access.redhat.com/security/cve/cve-2016-1000232
https://github.com/advisories/GHSA-qhv9-728r-6jqg
https://github.com/salesforce/tough-cookie/commit/615627206357d997d5e6ff9da158997de05235ae
https://github.com/salesforce/tough-cookie/commit/e4fc2e0f9ee1b7a818d68f0ac7ea696f377b1534
https://nodesecurity.io/advisories/130
https://nvd.nist.gov/vuln/detail/CVE-2016-1000232
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-is-affected-by-node-js-tough-cookie-module-vulnerability-to-a-denial-of-service-cve-2016-1000232/
https://www.npmjs.com/advisories/130

Click to expand!

https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4
https://github.com/advisories/GHSA-xc7v-wxcw-j472
https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0
https://www.npmjs.com/advisories/598

Click to expand!

https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4
https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0

Click to expand!

Click to expand!

https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4
https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0

| | ua-parser-js | CVE-2021-27292 | HIGH | 0.7.22 | 0.7.24 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27292
https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76
https://github.com/advisories/GHSA-78cj-fxph-m83p
https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566
https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14
https://nvd.nist.gov/vuln/detail/CVE-2021-27292

Click to expand!

https://github.com/advisories/GHSA-v2p6-4mp7-3r9v
https://github.com/epeli/underscore.string/commit/f486cd684c94c12db48b45d52b1472a1b9661029
https://github.com/epeli/underscore.string/issues/510
https://github.com/epeli/underscore.string/pull/517
https://www.npmjs.com/advisories/745

| | validator | CVE-2014-8882 | HIGH | 1.5.1 | >=3.22.1 |

Click to expand!

http://en.wikipedia.org/wiki/ReDoS
http://lab.cs.ttu.ee/dl93)
https://github.com/advisories/GHSA-f5w6-r7rg-mcgq
https://github.com/chriso/validator.js/issues/152#issuecomment-48107184
https://nvd.nist.gov/vuln/detail/CVE-2014-8882
https://snyk.io/vuln/npm:validator:20130705
https://www.npmjs.com/advisories/42

| | validator | CVE-2021-3765 | HIGH | 1.5.1 | 13.7.0 |

Click to expand!

https://github.com/advisories/GHSA-qgmg-gppg-76g5
https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1
https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9
https://nvd.nist.gov/vuln/detail/CVE-2021-3765

| | validator | CVE-2014-9772 | MEDIUM | 1.5.1 | >=2.0.0 |

Click to expand!

http://www.openwall.com/lists/oss-security/2016/04/20/11
http://www.securityfocus.com/bid/97102
https://github.com/advisories/GHSA-79mx-88w7-8f7q
https://github.com/chriso/validator.js/issues/181
https://nodesecurity.io/advisories/43
https://nvd.nist.gov/vuln/detail/CVE-2014-9772
https://www.npmjs.com/advisories/43

| | ws | CVE-2016-10542 | HIGH | 1.0.1 | 1.1.1 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10542
https://github.com/advisories/GHSA-6663-c963-2gqg
https://github.com/nodejs/node/issues/7388
https://nodesecurity.io/advisories/120
https://nvd.nist.gov/vuln/detail/CVE-2016-10542
https://www.npmjs.com/advisories/120

| | ws | GHSA-5v72-xg48-5rpm | HIGH | 1.0.1 | 3.3.1, 1.1.5 |

Click to expand!

https://github.com/advisories/GHSA-5v72-xg48-5rpm
https://github.com/websockets/ws/commit/c4fe46608acd61fbf7397eadc47378903f95b78a
https://nodesecurity.io/advisories/550
https://snyk.io/vuln/npm:ws:20171108
https://www.npmjs.com/advisories/550
https://www.npmjs.com/advisories/550/versions

| | ws | NSWG-ECO-120 | HIGH | 1.0.1 | >=1.1.1 |

Click to expand!

https://github.com/nodejs/node/issues/7388

| | xmlhttprequest-ssl | CVE-2021-31597 | CRITICAL | 1.5.1 | 1.6.1 |

Click to expand!

https://github.com/advisories/GHSA-72mh-269x-7mh5
https://github.com/mjwwit/node-XMLHttpRequest/commit/bf53329b61ca6afc5d28f6b8d2dc2e3ca740a9b2
https://github.com/mjwwit/node-XMLHttpRequest/compare/v1.6.0...1.6.1
https://nvd.nist.gov/vuln/detail/CVE-2021-31597
https://people.kingsds.network/wesgarland/xmlhttprequest-ssl-vuln.txt
https://security.netapp.com/advisory/ntap-20210618-0004/

| | xmlhttprequest-ssl | CVE-2020-28502 | HIGH | 1.5.1 | 1.6.2 |

Click to expand!

https://github.com/advisories/GHSA-h4j5-c7cj-74xg
https://github.com/driverdan/node-XMLHttpRequest/blob/1.6.0/lib/XMLHttpRequest.js#L480
https://github.com/driverdan/node-XMLHttpRequest/blob/1.6.0/lib/XMLHttpRequest.js%23L480
https://github.com/driverdan/node-XMLHttpRequest/commit/983cfc244c7567ad6a59e366e55a8037e0497fe6
https://github.com/mjwwit/node-XMLHttpRequest/blob/ae38832a0f1347c5e96dda665402509a3458e302/lib/XMLHttpRequest.js#L531
https://github.com/mjwwit/node-XMLHttpRequest/commit/ee1e81fc67729c7c0eba5537ed7fe1e30a6b3291
https://nvd.nist.gov/vuln/detail/CVE-2020-28502
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1082937
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1082938
https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUEST-1082935
https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936