--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: fancyindex/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-fancyindex' of Deployment 'RELEASE-NAME-fancyindex' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'resources.limits.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-fancyindex' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-fancyindex' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'autopermissions' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'resources.requests.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'resources.requests.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
| | Kubernetes Security Check | KSV017 | Privileged container | HIGH |
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.privileged' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |
Expand... Enforcing memory limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'resources.limits.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-fancyindex' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-fancyindex' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-fancyindex' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM |
Expand... HostPath volumes must be forbidden.

Deployment 'RELEASE-NAME-fancyindex' should not set 'spec.template.volumes.hostPath'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |
Expand... Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-fancyindex' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/fancyindex:latest@sha256:01a33c43346c72ce30c9f467ad622b82009876090bdd6c578f561b86c98a1ff2 ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-1642.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-1642.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/fancyindex:latest@sha256:01a33c43346c72ce30c9f467ad622b82009876090bdd6c578f561b86c98a1ff2 (debian 11.3) **debian** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | apache2-utils | CVE-2001-1534 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
http://www.iss.net/security_center/static/7494.php
http://www.securityfocus.com/bid/3521
| | apache2-utils | CVE-2003-1307 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://bugs.php.net/38915
http://hackerdom.ru/~dimmo/phpexpl.c
http://www.securityfocus.com/archive/1/348368
http://www.securityfocus.com/archive/1/449234/100/0/threaded
http://www.securityfocus.com/archive/1/449298/100/0/threaded
http://www.securityfocus.com/bid/9302
| | apache2-utils | CVE-2003-1580 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://www.securityfocus.com/archive/1/313867
| | apache2-utils | CVE-2003-1581 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://www.securityfocus.com/archive/1/313867
https://access.redhat.com/security/cve/CVE-2003-1581
| | apache2-utils | CVE-2007-0086 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://osvdb.org/33456
http://www.securityfocus.com/archive/1/455833/100/0/threaded
http://www.securityfocus.com/archive/1/455879/100/0/threaded
http://www.securityfocus.com/archive/1/455882/100/0/threaded
http://www.securityfocus.com/archive/1/455920/100/0/threaded
https://nvd.nist.gov/vuln/detail/CVE-2007-0086
| | apache2-utils | CVE-2007-1743 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511
http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2
http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2
http://www.securitytracker.com/id?1017904
| | apache2-utils | CVE-2007-3303 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://osvdb.org/37050
http://security.psnc.pl/files/apache_report.pdf
http://securityreason.com/securityalert/2814
http://www.securityfocus.com/archive/1/469899/100/0/threaded
http://www.securityfocus.com/archive/1/471832/100/0/threaded
http://www.securityfocus.com/bid/24215
| | apache2-utils | CVE-2008-0456 | LOW | 2.4.53-1~deb11u1 | |
Expand...http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://rhn.redhat.com/errata/RHSA-2013-0130.html
http://secunia.com/advisories/29348
http://secunia.com/advisories/35074
http://security.gentoo.org/glsa/glsa-200803-19.xml
http://securityreason.com/securityalert/3575
http://securitytracker.com/id?1019256
http://support.apple.com/kb/HT3549
http://www.mindedsecurity.com/MSA01150108.html
http://www.securityfocus.com/archive/1/486847/100/0/threaded
http://www.securityfocus.com/bid/27409
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://www.vupen.com/english/advisories/2009/1297
https://access.redhat.com/security/cve/CVE-2008-0456
https://exchange.xforce.ibmcloud.com/vulnerabilities/39893
https://linux.oracle.com/cve/CVE-2008-0456.html
https://linux.oracle.com/errata/ELSA-2013-0130.html
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
| | apt | CVE-2011-3374 | LOW | 2.2.4 | |
Expand...https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
| | bsdutils | CVE-2022-0563 | LOW | 2.36.1-8+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
| | coreutils | CVE-2016-2781 | LOW | 8.32-4 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://access.redhat.com/security/cve/CVE-2016-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2781
| | coreutils | CVE-2017-18018 | LOW | 8.32-4 | |
Expand...http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
https://access.redhat.com/security/cve/CVE-2017-18018
| | curl | CVE-2021-22945 | CRITICAL | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22945
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22945.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://hackerone.com/reports/1269242
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2021-22946 | HIGH | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22946
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22946.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://hackerone.com/reports/1334111
https://linux.oracle.com/cve/CVE-2021-22946.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2021-22947 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22947
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22947.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
https://hackerone.com/reports/1334763
https://launchpad.net/bugs/1944120 (regression bug)
https://linux.oracle.com/cve/CVE-2021-22947.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://ubuntu.com/security/notices/USN-5079-3
https://ubuntu.com/security/notices/USN-5079-4
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2022-22576 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27774 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27776 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27781 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27781
https://curl.se/docs/CVE-2022-27781.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
https://github.com/curl/curl/commit/f6c335d63f
https://ubuntu.com/security/notices/USN-5412-1
| | curl | CVE-2022-27782 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27782
https://curl.se/docs/CVE-2022-27782.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
https://ubuntu.com/security/notices/USN-5412-1
| | curl | CVE-2021-22898 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...http://www.openwall.com/lists/oss-security/2021/07/21/4
https://access.redhat.com/security/cve/CVE-2021-22898
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22898.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
https://errata.almalinux.org/8/ALSA-2021-4511.html
https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
https://hackerone.com/reports/1176461
https://linux.oracle.com/cve/CVE-2021-22898.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/
https://nvd.nist.gov/vuln/detail/CVE-2021-22898
https://ubuntu.com/security/notices/USN-5021-1
https://ubuntu.com/security/notices/USN-5021-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | curl | CVE-2021-22922 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22922
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22922.html
https://hackerone.com/reports/1213175
https://linux.oracle.com/cve/CVE-2021-22922.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22922
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2021-22923 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22923
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22923.html
https://hackerone.com/reports/1213181
https://linux.oracle.com/cve/CVE-2021-22923.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22923
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2021-22924 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22924
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf
https://curl.se/docs/CVE-2021-22924.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
https://hackerone.com/reports/1223565
https://linux.oracle.com/cve/CVE-2021-22924.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22924
https://security.netapp.com/advisory/ntap-20210902-0003/
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2022-27775 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | e2fsprogs | CVE-2022-1304 | HIGH | 1.46.2-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | git | CVE-2022-24765 | HIGH | 1:2.30.2-1 | |
Expand...http://seclists.org/fulldisclosure/2022/May/31
http://www.openwall.com/lists/oss-security/2022/04/12/7
https://access.redhat.com/security/cve/CVE-2022-24765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode
https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
https://support.apple.com/kb/HT213261
https://ubuntu.com/security/notices/USN-5376-1
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-3
| | git | CVE-2018-1000021 | LOW | 1:2.30.2-1 | |
Expand...http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://access.redhat.com/security/cve/CVE-2018-1000021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021
| | git | CVE-2022-24975 | LOW | 1:2.30.2-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-24975
https://github.com/git/git/blob/2dc94da3744bfbbf145eca587a0f5ff480cc5867/Documentation/git-clone.txt#L185-L191
https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/
| | git-man | CVE-2022-24765 | HIGH | 1:2.30.2-1 | |
Expand...http://seclists.org/fulldisclosure/2022/May/31
http://www.openwall.com/lists/oss-security/2022/04/12/7
https://access.redhat.com/security/cve/CVE-2022-24765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode
https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
https://support.apple.com/kb/HT213261
https://ubuntu.com/security/notices/USN-5376-1
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-3
| | git-man | CVE-2018-1000021 | LOW | 1:2.30.2-1 | |
Expand...http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://access.redhat.com/security/cve/CVE-2018-1000021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021
| | git-man | CVE-2022-24975 | LOW | 1:2.30.2-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-24975
https://github.com/git/git/blob/2dc94da3744bfbbf145eca587a0f5ff480cc5867/Documentation/git-clone.txt#L185-L191
https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/
| | libapt-pkg6.0 | CVE-2011-3374 | LOW | 2.2.4 | |
Expand...https://access.redhat.com/security/cve/cve-2011-3374
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
https://seclists.org/fulldisclosure/2011/Sep/221
https://security-tracker.debian.org/tracker/CVE-2011-3374
https://snyk.io/vuln/SNYK-LINUX-APT-116518
https://ubuntu.com/security/CVE-2011-3374
| | libblkid1 | CVE-2022-0563 | LOW | 2.36.1-8+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
| | libbpf0 | CVE-2021-45940 | MEDIUM | 0.3-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45940
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45940
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libbpf/OSV-2021-1562.yaml
| | libbpf0 | CVE-2021-45941 | MEDIUM | 0.3-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45941
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45941
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libbpf/OSV-2021-1576.yaml
| | libc-bin | CVE-2021-3999 | HIGH | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json
https://access.redhat.com/security/cve/CVE-2021-3999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://linux.oracle.com/cve/CVE-2021-3999.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc-bin | CVE-2010-4756 | LOW | 2.31-13+deb11u3 | |
Expand...http://cxib.net/stuff/glob-0day.c
http://securityreason.com/achievement_securityalert/89
http://securityreason.com/exploitalert/9223
https://access.redhat.com/security/cve/CVE-2010-4756
https://bugzilla.redhat.com/show_bug.cgi?id=681681
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756
https://nvd.nist.gov/vuln/detail/CVE-2010-4756
| | libc-bin | CVE-2018-20796 | LOW | 2.31-13+deb11u3 | |
Expand...http://www.securityfocus.com/bid/107160
https://access.redhat.com/security/cve/CVE-2018-20796
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
https://nvd.nist.gov/vuln/detail/CVE-2018-20796
https://security.netapp.com/advisory/ntap-20190315-0002/
https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
| | libc-bin | CVE-2019-1010022 | LOW | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010022
https://security-tracker.debian.org/tracker/CVE-2019-1010022
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
https://ubuntu.com/security/CVE-2019-1010022
| | libc-bin | CVE-2019-1010023 | LOW | 2.31-13+deb11u3 | |
Expand...http://www.securityfocus.com/bid/109167
https://access.redhat.com/security/cve/CVE-2019-1010023
https://security-tracker.debian.org/tracker/CVE-2019-1010023
https://sourceware.org/bugzilla/show_bug.cgi?id=22851
https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/CVE-2019-1010023
| | libc-bin | CVE-2019-1010024 | LOW | 2.31-13+deb11u3 | |
Expand...http://www.securityfocus.com/bid/109162
https://access.redhat.com/security/cve/CVE-2019-1010024
https://security-tracker.debian.org/tracker/CVE-2019-1010024
https://sourceware.org/bugzilla/show_bug.cgi?id=22852
https://support.f5.com/csp/article/K06046097
https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/CVE-2019-1010024
| | libc-bin | CVE-2019-1010025 | LOW | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010025
https://security-tracker.debian.org/tracker/CVE-2019-1010025
https://sourceware.org/bugzilla/show_bug.cgi?id=22853
https://support.f5.com/csp/article/K06046097
https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/CVE-2019-1010025
| | libc-bin | CVE-2019-9192 | LOW | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-9192
https://nvd.nist.gov/vuln/detail/CVE-2019-9192
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
| | libc6 | CVE-2021-3999 | HIGH | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json
https://access.redhat.com/security/cve/CVE-2021-3999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://linux.oracle.com/cve/CVE-2021-3999.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc6 | CVE-2010-4756 | LOW | 2.31-13+deb11u3 | |
Expand...http://cxib.net/stuff/glob-0day.c
http://securityreason.com/achievement_securityalert/89
http://securityreason.com/exploitalert/9223
https://access.redhat.com/security/cve/CVE-2010-4756
https://bugzilla.redhat.com/show_bug.cgi?id=681681
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756
https://nvd.nist.gov/vuln/detail/CVE-2010-4756
| | libc6 | CVE-2018-20796 | LOW | 2.31-13+deb11u3 | |
Expand...http://www.securityfocus.com/bid/107160
https://access.redhat.com/security/cve/CVE-2018-20796
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
https://nvd.nist.gov/vuln/detail/CVE-2018-20796
https://security.netapp.com/advisory/ntap-20190315-0002/
https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
| | libc6 | CVE-2019-1010022 | LOW | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010022
https://security-tracker.debian.org/tracker/CVE-2019-1010022
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
https://ubuntu.com/security/CVE-2019-1010022
| | libc6 | CVE-2019-1010023 | LOW | 2.31-13+deb11u3 | |
Expand...http://www.securityfocus.com/bid/109167
https://access.redhat.com/security/cve/CVE-2019-1010023
https://security-tracker.debian.org/tracker/CVE-2019-1010023
https://sourceware.org/bugzilla/show_bug.cgi?id=22851
https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/CVE-2019-1010023
| | libc6 | CVE-2019-1010024 | LOW | 2.31-13+deb11u3 | |
Expand...http://www.securityfocus.com/bid/109162
https://access.redhat.com/security/cve/CVE-2019-1010024
https://security-tracker.debian.org/tracker/CVE-2019-1010024
https://sourceware.org/bugzilla/show_bug.cgi?id=22852
https://support.f5.com/csp/article/K06046097
https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/CVE-2019-1010024
| | libc6 | CVE-2019-1010025 | LOW | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010025
https://security-tracker.debian.org/tracker/CVE-2019-1010025
https://sourceware.org/bugzilla/show_bug.cgi?id=22853
https://support.f5.com/csp/article/K06046097
https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/CVE-2019-1010025
| | libc6 | CVE-2019-9192 | LOW | 2.31-13+deb11u3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-9192
https://nvd.nist.gov/vuln/detail/CVE-2019-9192
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
| | libcom-err2 | CVE-2022-1304 | HIGH | 1.46.2-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libcurl3-gnutls | CVE-2021-22945 | CRITICAL | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22945
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22945.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://hackerone.com/reports/1269242
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl3-gnutls | CVE-2021-22946 | HIGH | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22946
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22946.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://hackerone.com/reports/1334111
https://linux.oracle.com/cve/CVE-2021-22946.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl3-gnutls | CVE-2021-22947 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22947
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22947.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
https://hackerone.com/reports/1334763
https://launchpad.net/bugs/1944120 (regression bug)
https://linux.oracle.com/cve/CVE-2021-22947.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://ubuntu.com/security/notices/USN-5079-3
https://ubuntu.com/security/notices/USN-5079-4
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl3-gnutls | CVE-2022-22576 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl3-gnutls | CVE-2022-27774 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl3-gnutls | CVE-2022-27776 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl3-gnutls | CVE-2022-27781 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27781
https://curl.se/docs/CVE-2022-27781.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
https://github.com/curl/curl/commit/f6c335d63f
https://ubuntu.com/security/notices/USN-5412-1
| | libcurl3-gnutls | CVE-2022-27782 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27782
https://curl.se/docs/CVE-2022-27782.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
https://ubuntu.com/security/notices/USN-5412-1
| | libcurl3-gnutls | CVE-2021-22898 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...http://www.openwall.com/lists/oss-security/2021/07/21/4
https://access.redhat.com/security/cve/CVE-2021-22898
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22898.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
https://errata.almalinux.org/8/ALSA-2021-4511.html
https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
https://hackerone.com/reports/1176461
https://linux.oracle.com/cve/CVE-2021-22898.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/
https://nvd.nist.gov/vuln/detail/CVE-2021-22898
https://ubuntu.com/security/notices/USN-5021-1
https://ubuntu.com/security/notices/USN-5021-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | libcurl3-gnutls | CVE-2021-22922 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22922
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22922.html
https://hackerone.com/reports/1213175
https://linux.oracle.com/cve/CVE-2021-22922.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22922
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl3-gnutls | CVE-2021-22923 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22923
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22923.html
https://hackerone.com/reports/1213181
https://linux.oracle.com/cve/CVE-2021-22923.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22923
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl3-gnutls | CVE-2021-22924 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22924
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf
https://curl.se/docs/CVE-2021-22924.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
https://hackerone.com/reports/1223565
https://linux.oracle.com/cve/CVE-2021-22924.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22924
https://security.netapp.com/advisory/ntap-20210902-0003/
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl3-gnutls | CVE-2022-27775 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl4 | CVE-2021-22945 | CRITICAL | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22945
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22945.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://hackerone.com/reports/1269242
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl4 | CVE-2021-22946 | HIGH | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22946
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22946.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://hackerone.com/reports/1334111
https://linux.oracle.com/cve/CVE-2021-22946.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl4 | CVE-2021-22947 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22947
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22947.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
https://hackerone.com/reports/1334763
https://launchpad.net/bugs/1944120 (regression bug)
https://linux.oracle.com/cve/CVE-2021-22947.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://ubuntu.com/security/notices/USN-5079-3
https://ubuntu.com/security/notices/USN-5079-4
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl4 | CVE-2022-22576 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl4 | CVE-2022-27774 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl4 | CVE-2022-27776 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl4 | CVE-2022-27781 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27781
https://curl.se/docs/CVE-2022-27781.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
https://github.com/curl/curl/commit/f6c335d63f
https://ubuntu.com/security/notices/USN-5412-1
| | libcurl4 | CVE-2022-27782 | MEDIUM | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27782
https://curl.se/docs/CVE-2022-27782.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
https://ubuntu.com/security/notices/USN-5412-1
| | libcurl4 | CVE-2021-22898 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...http://www.openwall.com/lists/oss-security/2021/07/21/4
https://access.redhat.com/security/cve/CVE-2021-22898
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22898.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
https://errata.almalinux.org/8/ALSA-2021-4511.html
https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
https://hackerone.com/reports/1176461
https://linux.oracle.com/cve/CVE-2021-22898.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/
https://nvd.nist.gov/vuln/detail/CVE-2021-22898
https://ubuntu.com/security/notices/USN-5021-1
https://ubuntu.com/security/notices/USN-5021-2
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | libcurl4 | CVE-2021-22922 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22922
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22922.html
https://hackerone.com/reports/1213175
https://linux.oracle.com/cve/CVE-2021-22922.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22922
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl4 | CVE-2021-22923 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22923
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22923.html
https://hackerone.com/reports/1213181
https://linux.oracle.com/cve/CVE-2021-22923.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22923
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl4 | CVE-2021-22924 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-22924
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf
https://curl.se/docs/CVE-2021-22924.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
https://hackerone.com/reports/1223565
https://linux.oracle.com/cve/CVE-2021-22924.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22924
https://security.netapp.com/advisory/ntap-20210902-0003/
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl4 | CVE-2022-27775 | LOW | 7.74.0-1.3+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://ubuntu.com/security/notices/USN-5397-1
| | libdb5.3 | CVE-2019-8457 | CRITICAL | 5.3.28+dfsg1-0.8 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html
https://access.redhat.com/security/cve/CVE-2019-8457
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
https://linux.oracle.com/cve/CVE-2019-8457.html
https://linux.oracle.com/errata/ELSA-2020-1810.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/
https://security.netapp.com/advisory/ntap-20190606-0002/
https://ubuntu.com/security/notices/USN-4004-1
https://ubuntu.com/security/notices/USN-4004-2
https://ubuntu.com/security/notices/USN-4019-1
https://ubuntu.com/security/notices/USN-4019-2
https://usn.ubuntu.com/4004-1/
https://usn.ubuntu.com/4004-2/
https://usn.ubuntu.com/4019-1/
https://usn.ubuntu.com/4019-2/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.sqlite.org/releaselog/3_28_0.html
https://www.sqlite.org/src/info/90acdbfce9c08858
| | libexpat1 | CVE-2013-0340 | LOW | 2.2.10-2+deb11u3 | |
Expand...http://openwall.com/lists/oss-security/2013/02/22/3
http://seclists.org/fulldisclosure/2021/Oct/61
http://seclists.org/fulldisclosure/2021/Oct/62
http://seclists.org/fulldisclosure/2021/Oct/63
http://seclists.org/fulldisclosure/2021/Sep/33
http://seclists.org/fulldisclosure/2021/Sep/34
http://seclists.org/fulldisclosure/2021/Sep/35
http://seclists.org/fulldisclosure/2021/Sep/38
http://seclists.org/fulldisclosure/2021/Sep/39
http://seclists.org/fulldisclosure/2021/Sep/40
http://securitytracker.com/id?1028213
http://www.openwall.com/lists/oss-security/2013/04/12/6
http://www.openwall.com/lists/oss-security/2021/10/07/4
http://www.osvdb.org/90634
http://www.securityfocus.com/bid/58233
https://access.redhat.com/security/cve/CVE-2013-0340
https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702@%3Cusers.openoffice.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2013-0340
https://security.gentoo.org/glsa/201701-21
https://support.apple.com/kb/HT212804
https://support.apple.com/kb/HT212805
https://support.apple.com/kb/HT212807
https://support.apple.com/kb/HT212814
https://support.apple.com/kb/HT212815
https://support.apple.com/kb/HT212819
| | libext2fs2 | CVE-2022-1304 | HIGH | 1.46.2-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libfreetype6 | CVE-2022-27404 | CRITICAL | 2.10.4+dfsg-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404
https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
https://nvd.nist.gov/vuln/detail/CVE-2022-27404
| | libfreetype6 | CVE-2022-27405 | HIGH | 2.10.4+dfsg-1 | |
Expand...http://freetype.com
https://access.redhat.com/security/cve/CVE-2022-27405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405
https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
https://nvd.nist.gov/vuln/detail/CVE-2022-27405
| | libfreetype6 | CVE-2022-27406 | HIGH | 2.10.4+dfsg-1 | |
Expand...http://freetype.com
https://access.redhat.com/security/cve/CVE-2022-27406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406
https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
https://nvd.nist.gov/vuln/detail/CVE-2022-27406
| | libgcrypt20 | CVE-2021-33560 | HIGH | 1.8.7-6 | |
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json
https://access.redhat.com/security/cve/CVE-2021-33560
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560
https://dev.gnupg.org/T5305
https://dev.gnupg.org/T5328
https://dev.gnupg.org/T5466
https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61
https://eprint.iacr.org/2021/923
https://errata.almalinux.org/8/ALSA-2021-4409.html
https://linux.oracle.com/cve/CVE-2021-33560.html
https://linux.oracle.com/errata/ELSA-2022-9263.html
https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/
https://nvd.nist.gov/vuln/detail/CVE-2021-33560
https://ubuntu.com/security/notices/USN-5080-1
https://ubuntu.com/security/notices/USN-5080-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libgcrypt20 | CVE-2018-6829 | LOW | 1.8.7-6 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-6829
https://github.com/weikengchen/attack-on-libgcrypt-elgamal
https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki
https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html
https://www.oracle.com/security-alerts/cpujan2020.html
| | libgd3 | CVE-2021-40145 | HIGH | 2.3.0-2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40145
https://github.com/libgd/libgd/commit/c5fd25ce0e48fd5618a972ca9f5e28d6d62006af
https://github.com/libgd/libgd/issues/700
https://github.com/libgd/libgd/pull/713
https://nvd.nist.gov/vuln/detail/CVE-2021-40145
https://ubuntu.com/security/notices/USN-5068-1
| | libgd3 | CVE-2021-38115 | MEDIUM | 2.3.0-2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38115
https://github.com/libgd/libgd/commit/8b111b2b4a4842179be66db68d84dda91a246032
https://github.com/libgd/libgd/issues/697
https://github.com/libgd/libgd/pull/711/commits/8b111b2b4a4842179be66db68d84dda91a246032
https://nvd.nist.gov/vuln/detail/CVE-2021-38115
https://ubuntu.com/security/notices/USN-5068-1
| | libgd3 | CVE-2021-40812 | MEDIUM | 2.3.0-2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40812
https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9
https://github.com/libgd/libgd/issues/750#issuecomment-914872385
https://github.com/libgd/libgd/issues/757
https://nvd.nist.gov/vuln/detail/CVE-2021-40812
| | libgnutls30 | CVE-2021-4209 | MEDIUM | 3.7.1-5 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4209
| | libgnutls30 | CVE-2011-3389 | LOW | 3.7.1-5 | |
Expand...http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
http://curl.haxx.se/docs/adv_20120124B.html
http://downloads.asterisk.org/pub/security/AST-2016-001.html
http://ekoparty.org/2011/juliano-rizzo.php
http://eprint.iacr.org/2004/111
http://eprint.iacr.org/2006/136
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://marc.info/?l=bugtraq&m=133365109612558&w=2
http://marc.info/?l=bugtraq&m=133728004526190&w=2
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
http://osvdb.org/74829
http://rhn.redhat.com/errata/RHSA-2012-0508.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://secunia.com/advisories/45791
http://secunia.com/advisories/47998
http://secunia.com/advisories/48256
http://secunia.com/advisories/48692
http://secunia.com/advisories/48915
http://secunia.com/advisories/48948
http://secunia.com/advisories/49198
http://secunia.com/advisories/55322
http://secunia.com/advisories/55350
http://secunia.com/advisories/55351
http://security.gentoo.org/glsa/glsa-201203-02.xml
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5001
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT6150
http://technet.microsoft.com/security/advisory/2588513
http://vnhacker.blogspot.com/2011/09/beast.html
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
http://www.debian.org/security/2012/dsa-2398
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
http://www.ibm.com/developerworks/java/jdk/alerts/
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
http://www.insecure.cl/Beast-SSL.rar
http://www.kb.cert.org/vuls/id/864643
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
http://www.opera.com/docs/changelogs/mac/1151/
http://www.opera.com/docs/changelogs/mac/1160/
http://www.opera.com/docs/changelogs/unix/1151/
http://www.opera.com/docs/changelogs/unix/1160/
http://www.opera.com/docs/changelogs/windows/1151/
http://www.opera.com/docs/changelogs/windows/1160/
http://www.opera.com/support/kb/view/1004/
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://www.redhat.com/support/errata/RHSA-2012-0006.html
http://www.securityfocus.com/bid/49388
http://www.securityfocus.com/bid/49778
http://www.securitytracker.com/id/1029190
http://www.securitytracker.com/id?1025997
http://www.securitytracker.com/id?1026103
http://www.securitytracker.com/id?1026704
http://www.ubuntu.com/usn/USN-1263-1
http://www.us-cert.gov/cas/techalerts/TA12-010A.html
https://access.redhat.com/security/cve/CVE-2011-3389
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
https://bugzilla.novell.com/show_bug.cgi?id=719047
https://bugzilla.redhat.com/show_bug.cgi?id=737506
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
https://hermes.opensuse.org/messages/13154861
https://hermes.opensuse.org/messages/13155432
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
https://linux.oracle.com/cve/CVE-2011-3389.html
https://linux.oracle.com/errata/ELSA-2011-1380.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752
https://ubuntu.com/security/notices/USN-1263-1
| | libgssapi-krb5-2 | CVE-2004-0971 | LOW | 1.18.3-6+deb11u1 | |
Expand...http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304
http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml
http://www.redhat.com/support/errata/RHSA-2005-012.html
http://www.securityfocus.com/bid/11289
http://www.trustix.org/errata/2004/0050
https://access.redhat.com/security/cve/CVE-2004-0971
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.18.3-6+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2707
http://www.securityfocus.com/bid/99304
https://access.redhat.com/security/cve/CVE-2017-9937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libk5crypto3 | CVE-2004-0971 | LOW | 1.18.3-6+deb11u1 | |
Expand...http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304
http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml
http://www.redhat.com/support/errata/RHSA-2005-012.html
http://www.securityfocus.com/bid/11289
http://www.trustix.org/errata/2004/0050
https://access.redhat.com/security/cve/CVE-2004-0971
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
| | libk5crypto3 | CVE-2018-5709 | LOW | 1.18.3-6+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5-3 | CVE-2004-0971 | LOW | 1.18.3-6+deb11u1 | |
Expand...http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304
http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml
http://www.redhat.com/support/errata/RHSA-2005-012.html
http://www.securityfocus.com/bid/11289
http://www.trustix.org/errata/2004/0050
https://access.redhat.com/security/cve/CVE-2004-0971
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
| | libkrb5-3 | CVE-2018-5709 | LOW | 1.18.3-6+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5support0 | CVE-2004-0971 | LOW | 1.18.3-6+deb11u1 | |
Expand...http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304
http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml
http://www.redhat.com/support/errata/RHSA-2005-012.html
http://www.securityfocus.com/bid/11289
http://www.trustix.org/errata/2004/0050
https://access.redhat.com/security/cve/CVE-2004-0971
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
| | libkrb5support0 | CVE-2018-5709 | LOW | 1.18.3-6+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libldap-2.4-2 | CVE-2022-29155 | CRITICAL | 2.4.57+dfsg-3 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-29155
https://bugs.openldap.org/show_bug.cgi?id=9815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155
https://nvd.nist.gov/vuln/detail/CVE-2022-29155
https://ubuntu.com/security/notices/USN-5424-1
| | libldap-2.4-2 | CVE-2015-3276 | LOW | 2.4.57+dfsg-3 | |
Expand...http://rhn.redhat.com/errata/RHSA-2015-2131.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securitytracker.com/id/1034221
https://access.redhat.com/security/cve/CVE-2015-3276
https://bugzilla.redhat.com/show_bug.cgi?id=1238322
https://linux.oracle.com/cve/CVE-2015-3276.html
https://linux.oracle.com/errata/ELSA-2015-2131.html
https://nvd.nist.gov/vuln/detail/CVE-2015-3276
| | libldap-2.4-2 | CVE-2017-14159 | LOW | 2.4.57+dfsg-3 | |
Expand...http://www.openldap.org/its/index.cgi?findid=8703
https://access.redhat.com/security/cve/CVE-2017-14159
https://www.oracle.com/security-alerts/cpuapr2022.html
| | libldap-2.4-2 | CVE-2017-17740 | LOW | 2.4.57+dfsg-3 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html
http://www.openldap.org/its/index.cgi/Incoming?id=8759
https://access.redhat.com/security/cve/CVE-2017-17740
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
https://www.oracle.com/security-alerts/cpuapr2022.html
| | libldap-2.4-2 | CVE-2020-15719 | LOW | 2.4.57+dfsg-3 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html
https://access.redhat.com/errata/RHBA-2019:3674
https://access.redhat.com/security/cve/CVE-2020-15719
https://bugs.openldap.org/show_bug.cgi?id=9266
https://bugzilla.redhat.com/show_bug.cgi?id=1740070
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
https://www.oracle.com/security-alerts/cpuapr2022.html
| | libluajit-5.1-2 | CVE-2019-19391 | LOW | 2.1.0~beta3+dfsg-5.3 | |
Expand...https://github.com/LuaJIT/LuaJIT/pull/526
| | libluajit-5.1-2 | CVE-2020-15890 | LOW | 2.1.0~beta3+dfsg-5.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-15890
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15890
https://github.com/LuaJIT/LuaJIT/issues/601
https://lists.debian.org/debian-lts-announce/2020/07/msg00026.html
https://ubuntu.com/security/notices/USN-4501-1
https://usn.ubuntu.com/4501-1/
| | libluajit-5.1-2 | CVE-2020-24372 | LOW | 2.1.0~beta3+dfsg-5.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-24372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24372
https://github.com/LuaJIT/LuaJIT/issues/603
| | libluajit-5.1-common | CVE-2019-19391 | LOW | 2.1.0~beta3+dfsg-5.3 | |
Expand...https://github.com/LuaJIT/LuaJIT/pull/526
| | libluajit-5.1-common | CVE-2020-15890 | LOW | 2.1.0~beta3+dfsg-5.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-15890
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15890
https://github.com/LuaJIT/LuaJIT/issues/601
https://lists.debian.org/debian-lts-announce/2020/07/msg00026.html
https://ubuntu.com/security/notices/USN-4501-1
https://usn.ubuntu.com/4501-1/
| | libluajit-5.1-common | CVE-2020-24372 | LOW | 2.1.0~beta3+dfsg-5.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-24372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24372
https://github.com/LuaJIT/LuaJIT/issues/603
| | libmount1 | CVE-2022-0563 | LOW | 2.36.1-8+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
| | libnginx-mod-http-auth-pam | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-auth-pam | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-auth-pam | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-auth-pam | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-cache-purge | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-cache-purge | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-cache-purge | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-cache-purge | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-dav-ext | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-dav-ext | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-dav-ext | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-dav-ext | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-echo | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-echo | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-echo | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-echo | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-fancyindex | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-fancyindex | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-fancyindex | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-fancyindex | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-geoip | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-geoip | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-geoip | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-geoip | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-geoip2 | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-geoip2 | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-geoip2 | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-geoip2 | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-headers-more-filter | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-headers-more-filter | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-headers-more-filter | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-headers-more-filter | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-image-filter | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-image-filter | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-image-filter | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-image-filter | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-lua | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-lua | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-lua | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-lua | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-ndk | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-ndk | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-ndk | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-ndk | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-perl | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-perl | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-perl | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-perl | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-subs-filter | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-subs-filter | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-subs-filter | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-subs-filter | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-uploadprogress | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-uploadprogress | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-uploadprogress | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-uploadprogress | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-upstream-fair | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-upstream-fair | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-upstream-fair | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-upstream-fair | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-http-xslt-filter | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-http-xslt-filter | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-http-xslt-filter | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-http-xslt-filter | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-mail | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-mail | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-mail | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-mail | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-nchan | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-nchan | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-nchan | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-nchan | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-stream | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-stream | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-stream | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-stream | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-stream-geoip | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-stream-geoip | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-stream-geoip | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-stream-geoip | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libnginx-mod-stream-geoip2 | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | libnginx-mod-stream-geoip2 | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | libnginx-mod-stream-geoip2 | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | libnginx-mod-stream-geoip2 | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | libpcre2-8-0 | CVE-2022-1586 | HIGH | 10.36-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1586
https://bugzilla.redhat.com/show_bug.cgi?id=2077976,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,
https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
| | libpcre2-8-0 | CVE-2022-1587 | HIGH | 10.36-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1587
https://bugzilla.redhat.com/show_bug.cgi?id=2077983,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587
https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-13 | |
Expand...http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://access.redhat.com/security/cve/CVE-2017-11164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libpcre3 | CVE-2017-16231 | LOW | 2:8.39-13 | |
Expand...http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2018/Dec/33
http://www.openwall.com/lists/oss-security/2017/11/01/11
http://www.openwall.com/lists/oss-security/2017/11/01/3
http://www.openwall.com/lists/oss-security/2017/11/01/7
http://www.openwall.com/lists/oss-security/2017/11/01/8
http://www.securityfocus.com/bid/101688
https://access.redhat.com/security/cve/CVE-2017-16231
https://bugs.exim.org/show_bug.cgi?id=2047
| | libpcre3 | CVE-2017-7245 | LOW | 2:8.39-13 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://access.redhat.com/security/cve/CVE-2017-7245
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2017-7246 | LOW | 2:8.39-13 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://access.redhat.com/security/cve/CVE-2017-7246
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-13 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2019-20838
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://errata.almalinux.org/8/ALSA-2021-4373.html
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-20838
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://ubuntu.com/security/notices/USN-5425-1
https://www.pcre.org/original/changelog.txt
| | libperl5.32 | CVE-2020-16156 | HIGH | 5.32.1-4+deb11u2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | libperl5.32 | CVE-2011-4116 | LOW | 5.32.1-4+deb11u2 | |
Expand...http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://access.redhat.com/security/cve/CVE-2011-4116
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
| | libpng16-16 | CVE-2019-6129 | LOW | 1.6.37-3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-6129
https://github.com/glennrp/libpng/issues/269
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
| | libpng16-16 | CVE-2021-4214 | LOW | 1.6.37-3 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4214
| | libsepol1 | CVE-2021-36084 | LOW | 3.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36084
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1
| | libsepol1 | CVE-2021-36085 | LOW | 3.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36085
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1
| | libsepol1 | CVE-2021-36086 | LOW | 3.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://ubuntu.com/security/notices/USN-5391-1
| | libsepol1 | CVE-2021-36087 | LOW | 3.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36087
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://errata.almalinux.org/8/ALSA-2021-4513.html
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
https://ubuntu.com/security/notices/USN-5391-1
| | libsmartcols1 | CVE-2022-0563 | LOW | 2.36.1-8+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
| | libss2 | CVE-2022-1304 | HIGH | 1.46.2-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libssl1.1 | CVE-2022-1292 | CRITICAL | 1.1.1n-0+deb11u1 | 1.1.1n-0+deb11u2 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1292
https://ubuntu.com/security/notices/USN-5402-1
https://www.openssl.org/news/secadv/20220503.txt
| | libssl1.1 | CVE-2007-6755 | LOW | 1.1.1n-0+deb11u1 | |
Expand...http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/
http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html
http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html
http://rump2007.cr.yp.to/15-shumow.pdf
http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/
http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect
http://www.securityfocus.com/bid/63657
https://access.redhat.com/security/cve/CVE-2007-6755
https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
| | libssl1.1 | CVE-2010-0928 | LOW | 1.1.1n-0+deb11u1 | |
Expand...http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/
http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf
http://www.networkworld.com/news/2010/030410-rsa-security-attack.html
http://www.osvdb.org/62808
http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/
https://access.redhat.com/security/cve/CVE-2010-0928
https://exchange.xforce.ibmcloud.com/vulnerabilities/56750
| | libsystemd0 | CVE-2013-4392 | LOW | 247.3-7 | |
Expand...http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
http://www.openwall.com/lists/oss-security/2013/10/01/9
https://access.redhat.com/security/cve/CVE-2013-4392
https://bugzilla.redhat.com/show_bug.cgi?id=859060
| | libsystemd0 | CVE-2020-13529 | LOW | 247.3-7 | |
Expand...http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://access.redhat.com/security/cve/CVE-2020-13529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529
https://linux.oracle.com/cve/CVE-2020-13529.html
https://linux.oracle.com/errata/ELSA-2021-4361.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://ubuntu.com/security/notices/USN-5013-1
https://ubuntu.com/security/notices/USN-5013-2
| | libtiff5 | CVE-2022-1210 | MEDIUM | 4.2.0-1+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1210
https://gitlab.com/libtiff/libtiff/-/issues/402
https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff
https://nvd.nist.gov/vuln/detail/CVE-2022-1210
https://security.netapp.com/advisory/ntap-20220513-0005/
https://vuldb.com/?id.196363
| | libtiff5 | CVE-2022-1354 | MEDIUM | 4.2.0-1+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1354
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
https://gitlab.com/libtiff/libtiff/-/issues/319
| | libtiff5 | CVE-2022-1355 | MEDIUM | 4.2.0-1+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1355
| | libtiff5 | CVE-2022-1622 | MEDIUM | 4.2.0-1+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1622
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1622.json
https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a
https://gitlab.com/libtiff/libtiff/-/issues/410
| | libtiff5 | CVE-2022-1623 | MEDIUM | 4.2.0-1+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1623
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json
https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a
https://gitlab.com/libtiff/libtiff/-/issues/410
| | libtiff5 | CVE-2014-8130 | LOW | 4.2.0-1+deb11u1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2483
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
http://openwall.com/lists/oss-security/2015/01/24/15
http://rhn.redhat.com/errata/RHSA-2016-1546.html
http://rhn.redhat.com/errata/RHSA-2016-1547.html
http://support.apple.com/kb/HT204941
http://support.apple.com/kb/HT204942
http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt
http://www.securityfocus.com/bid/72353
http://www.securitytracker.com/id/1032760
https://access.redhat.com/security/cve/CVE-2014-8130
https://bugzilla.redhat.com/show_bug.cgi?id=1185817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130
https://github.com/vadz/libtiff/commit/3c5eb8b1be544e41d2c336191bc4936300ad7543
https://linux.oracle.com/cve/CVE-2014-8130.html
https://linux.oracle.com/errata/ELSA-2016-1547.html
https://security.gentoo.org/glsa/201701-16
https://ubuntu.com/security/notices/USN-2553-1
| | libtiff5 | CVE-2017-16232 | LOW | 4.2.0-1+deb11u1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html
http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html
http://seclists.org/fulldisclosure/2018/Dec/32
http://seclists.org/fulldisclosure/2018/Dec/47
http://www.openwall.com/lists/oss-security/2017/11/01/11
http://www.openwall.com/lists/oss-security/2017/11/01/3
http://www.openwall.com/lists/oss-security/2017/11/01/7
http://www.openwall.com/lists/oss-security/2017/11/01/8
http://www.securityfocus.com/bid/101696
https://access.redhat.com/security/cve/CVE-2017-16232
| | libtiff5 | CVE-2017-17973 | LOW | 4.2.0-1+deb11u1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2769
http://www.securityfocus.com/bid/102331
https://access.redhat.com/security/cve/CVE-2017-17973
https://bugzilla.novell.com/show_bug.cgi?id=1074318
https://bugzilla.redhat.com/show_bug.cgi?id=1530912
| | libtiff5 | CVE-2017-5563 | LOW | 4.2.0-1+deb11u1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2664
http://www.securityfocus.com/bid/95705
https://access.redhat.com/security/cve/CVE-2017-5563
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5563
https://security.gentoo.org/glsa/201709-27
https://ubuntu.com/security/notices/USN-3606-1
https://usn.ubuntu.com/3606-1/
| | libtiff5 | CVE-2017-9117 | LOW | 4.2.0-1+deb11u1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2690
http://www.securityfocus.com/bid/98581
https://access.redhat.com/security/cve/CVE-2017-9117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9117
https://ubuntu.com/security/notices/USN-3606-1
https://usn.ubuntu.com/3606-1/
| | libtiff5 | CVE-2018-10126 | LOW | 4.2.0-1+deb11u1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://access.redhat.com/security/cve/CVE-2018-10126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libtiff5 | CVE-2022-1056 | LOW | 4.2.0-1+deb11u1 | |
Expand...https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json
https://gitlab.com/libtiff/libtiff/-/issues/391
https://gitlab.com/libtiff/libtiff/-/merge_requests/307
https://nvd.nist.gov/vuln/detail/CVE-2022-1056
| | libtinfo6 | CVE-2022-29458 | HIGH | 6.2+20201114-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-29458
https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html
https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2022-29458
| | libtinfo6 | CVE-2021-39537 | LOW | 6.2+20201114-2 | |
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://access.redhat.com/security/cve/CVE-2021-39537
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2021-39537
| | libudev1 | CVE-2013-4392 | LOW | 247.3-7 | |
Expand...http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
http://www.openwall.com/lists/oss-security/2013/10/01/9
https://access.redhat.com/security/cve/CVE-2013-4392
https://bugzilla.redhat.com/show_bug.cgi?id=859060
| | libudev1 | CVE-2020-13529 | LOW | 247.3-7 | |
Expand...http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://access.redhat.com/security/cve/CVE-2020-13529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529
https://linux.oracle.com/cve/CVE-2020-13529.html
https://linux.oracle.com/errata/ELSA-2021-4361.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
https://ubuntu.com/security/notices/USN-5013-1
https://ubuntu.com/security/notices/USN-5013-2
| | libuuid1 | CVE-2022-0563 | LOW | 2.36.1-8+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
| | libwebp6 | CVE-2016-9085 | LOW | 0.6.1-2.1 | |
Expand...http://www.openwall.com/lists/oss-security/2016/10/27/3
http://www.securityfocus.com/bid/93928
https://access.redhat.com/security/cve/CVE-2016-9085
https://bugzilla.redhat.com/show_bug.cgi?id=1389338
https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/
https://security.gentoo.org/glsa/201701-61
| | libxml2 | CVE-2022-29824 | MEDIUM | 2.9.10+dfsg-6.7+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-29824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
https://gitlab.gnome.org/GNOME/libxslt/-/tags
https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
https://nvd.nist.gov/vuln/detail/CVE-2022-29824
https://ubuntu.com/security/notices/USN-5422-1
| | libxslt1.1 | CVE-2015-9019 | LOW | 1.1.34-4 | |
Expand...https://access.redhat.com/security/cve/CVE-2015-9019
https://bugzilla.gnome.org/show_bug.cgi?id=758400
https://bugzilla.suse.com/show_bug.cgi?id=934119
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9019
| | libxtables12 | CVE-2012-2663 | LOW | 1.8.7-1 | |
Expand...http://www.spinics.net/lists/netfilter-devel/msg21248.html
https://access.redhat.com/security/cve/CVE-2012-2663
https://bugzilla.redhat.com/show_bug.cgi?id=826702
| | login | CVE-2007-5686 | LOW | 1:4.8.1-1 | |
Expand...http://secunia.com/advisories/27215
http://www.securityfocus.com/archive/1/482129/100/100/threaded
http://www.securityfocus.com/archive/1/482857/100/0/threaded
http://www.securityfocus.com/bid/26048
http://www.vupen.com/english/advisories/2007/3474
https://issues.rpath.com/browse/RPL-1825
| | login | CVE-2013-4235 | LOW | 1:4.8.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | login | CVE-2019-19882 | LOW | 1:4.8.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-19882
https://bugs.archlinux.org/task/64836
https://bugs.gentoo.org/702252
https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75
https://github.com/shadow-maint/shadow/pull/199
https://github.com/void-linux/void-packages/pull/17580
https://security.gentoo.org/glsa/202008-09
| | logsave | CVE-2022-1304 | HIGH | 1.46.2-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | mount | CVE-2022-0563 | LOW | 2.36.1-8+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
| | ncurses-base | CVE-2022-29458 | HIGH | 6.2+20201114-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-29458
https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html
https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2022-29458
| | ncurses-base | CVE-2021-39537 | LOW | 6.2+20201114-2 | |
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://access.redhat.com/security/cve/CVE-2021-39537
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2021-39537
| | ncurses-bin | CVE-2022-29458 | HIGH | 6.2+20201114-2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-29458
https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html
https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2022-29458
| | ncurses-bin | CVE-2021-39537 | LOW | 6.2+20201114-2 | |
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://access.redhat.com/security/cve/CVE-2021-39537
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2021-39537
| | nginx-common | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | nginx-common | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | nginx-common | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | nginx-common | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | nginx-extras | CVE-2021-3618 | HIGH | 1.18.0-6.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
https://ubuntu.com/security/notices/USN-5371-1
https://ubuntu.com/security/notices/USN-5371-2
| | nginx-extras | CVE-2020-36309 | MEDIUM | 1.18.0-6.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
https://ubuntu.com/security/notices/USN-5371-1
| | nginx-extras | CVE-2009-4487 | LOW | 1.18.0-6.1 | |
Expand...http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.securityfocus.com/bid/37711
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
https://access.redhat.com/security/cve/CVE-2009-4487
https://nvd.nist.gov/vuln/detail/CVE-2009-4487
| | nginx-extras | CVE-2013-0337 | LOW | 1.18.0-6.1 | |
Expand...http://secunia.com/advisories/55181
http://security.gentoo.org/glsa/glsa-201310-04.xml
http://www.openwall.com/lists/oss-security/2013/02/21/15
http://www.openwall.com/lists/oss-security/2013/02/22/1
http://www.openwall.com/lists/oss-security/2013/02/24/1
| | openssh-client | CVE-2021-41617 | HIGH | 1:8.4p1-5 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-41617
https://bugzilla.suse.com/show_bug.cgi?id=1190975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
https://errata.almalinux.org/8/ALSA-2022-2013.html
https://linux.oracle.com/cve/CVE-2021-41617.html
https://linux.oracle.com/errata/ELSA-2022-2013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
https://nvd.nist.gov/vuln/detail/CVE-2021-41617
https://security.netapp.com/advisory/ntap-20211014-0004/
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.8
https://www.openwall.com/lists/oss-security/2021/09/26/1
https://www.oracle.com/security-alerts/cpuapr2022.html
| | openssh-client | CVE-2007-2243 | LOW | 1:8.4p1-5 | |
Expand...http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053906.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053951.html
http://securityreason.com/securityalert/2631
http://www.osvdb.org/34600
http://www.securityfocus.com/bid/23601
https://exchange.xforce.ibmcloud.com/vulnerabilities/33794
https://security.netapp.com/advisory/ntap-20191107-0003/
| | openssh-client | CVE-2007-2768 | LOW | 1:8.4p1-5 | |
Expand...http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html
http://www.osvdb.org/34601
https://nvd.nist.gov/vuln/detail/CVE-2007-2768
https://security.netapp.com/advisory/ntap-20191107-0002/
| | openssh-client | CVE-2008-3234 | LOW | 1:8.4p1-5 | |
Expand...http://www.securityfocus.com/bid/30276
https://exchange.xforce.ibmcloud.com/vulnerabilities/44037
https://www.exploit-db.com/exploits/6094
| | openssh-client | CVE-2016-20012 | LOW | 1:8.4p1-5 | |
Expand...https://access.redhat.com/security/cve/CVE-2016-20012
https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265
https://github.com/openssh/openssh-portable/pull/270
https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097
https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185
https://nvd.nist.gov/vuln/detail/CVE-2016-20012
https://rushter.com/blog/public-ssh-keys/
https://security.netapp.com/advisory/ntap-20211014-0005/
https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak
https://www.openwall.com/lists/oss-security/2018/08/24/1
| | openssh-client | CVE-2018-15919 | LOW | 1:8.4p1-5 | |
Expand...http://seclists.org/oss-sec/2018/q3/180
http://www.securityfocus.com/bid/105163
https://access.redhat.com/security/cve/CVE-2018-15919
https://security.netapp.com/advisory/ntap-20181221-0001/
| | openssh-client | CVE-2019-6110 | LOW | 1:8.4p1-5 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-6110
https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c
https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
https://security.gentoo.org/glsa/201903-16
https://security.netapp.com/advisory/ntap-20190213-0001/
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
https://www.exploit-db.com/exploits/46193/
| | openssh-client | CVE-2020-14145 | LOW | 1:8.4p1-5 | |
Expand...http://www.openwall.com/lists/oss-security/2020/12/02/1
https://access.redhat.com/security/cve/CVE-2020-14145
https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145
https://docs.ssh-mitm.at/CVE-2020-14145.html
https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
https://linux.oracle.com/cve/CVE-2020-14145.html
https://linux.oracle.com/errata/ELSA-2021-4368.html
https://nvd.nist.gov/vuln/detail/CVE-2020-14145
https://security.gentoo.org/glsa/202105-35
https://security.netapp.com/advisory/ntap-20200709-0004/
https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf
| | openssh-client | CVE-2020-15778 | LOW | 1:8.4p1-5 | |
Expand...https://access.redhat.com/articles/5284081
https://access.redhat.com/security/cve/CVE-2020-15778
https://github.com/cpandya2909/CVE-2020-15778
https://github.com/cpandya2909/CVE-2020-15778/
https://news.ycombinator.com/item?id=25005567
https://nvd.nist.gov/vuln/detail/CVE-2020-15778
https://security.netapp.com/advisory/ntap-20200731-0007/
https://www.openssh.com/security.html
| | openssh-client | CVE-2021-36368 | LOW | 1:8.4p1-5 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36368
https://bugzilla.mindrot.org/show_bug.cgi?id=3316
https://docs.ssh-mitm.at/trivialauth.html
https://github.com/openssh/openssh-portable/pull/258
https://nvd.nist.gov/vuln/detail/CVE-2021-36368
https://security-tracker.debian.org/tracker/CVE-2021-36368
https://www.openssh.com/security.html
| | openssl | CVE-2022-1292 | CRITICAL | 1.1.1n-0+deb11u1 | 1.1.1n-0+deb11u2 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1292
https://ubuntu.com/security/notices/USN-5402-1
https://www.openssl.org/news/secadv/20220503.txt
| | openssl | CVE-2007-6755 | LOW | 1.1.1n-0+deb11u1 | |
Expand...http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/
http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html
http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html
http://rump2007.cr.yp.to/15-shumow.pdf
http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/
http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect
http://www.securityfocus.com/bid/63657
https://access.redhat.com/security/cve/CVE-2007-6755
https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
| | openssl | CVE-2010-0928 | LOW | 1.1.1n-0+deb11u1 | |
Expand...http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/
http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf
http://www.networkworld.com/news/2010/030410-rsa-security-attack.html
http://www.osvdb.org/62808
http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/
https://access.redhat.com/security/cve/CVE-2010-0928
https://exchange.xforce.ibmcloud.com/vulnerabilities/56750
| | passwd | CVE-2007-5686 | LOW | 1:4.8.1-1 | |
Expand...http://secunia.com/advisories/27215
http://www.securityfocus.com/archive/1/482129/100/100/threaded
http://www.securityfocus.com/archive/1/482857/100/0/threaded
http://www.securityfocus.com/bid/26048
http://www.vupen.com/english/advisories/2007/3474
https://issues.rpath.com/browse/RPL-1825
| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | passwd | CVE-2019-19882 | LOW | 1:4.8.1-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-19882
https://bugs.archlinux.org/task/64836
https://bugs.gentoo.org/702252
https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75
https://github.com/shadow-maint/shadow/pull/199
https://github.com/void-linux/void-packages/pull/17580
https://security.gentoo.org/glsa/202008-09
| | patch | CVE-2010-4651 | LOW | 2.7.6-7 | |
Expand...http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html
http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html
http://openwall.com/lists/oss-security/2011/01/05/10
http://openwall.com/lists/oss-security/2011/01/06/19
http://openwall.com/lists/oss-security/2011/01/06/20
http://openwall.com/lists/oss-security/2011/01/06/21
http://secunia.com/advisories/43663
http://secunia.com/advisories/43677
http://support.apple.com/kb/HT4723
http://www.securityfocus.com/bid/46768
http://www.vupen.com/english/advisories/2011/0600
https://access.redhat.com/security/cve/CVE-2010-4651
https://bugzilla.redhat.com/show_bug.cgi?id=667529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651
https://ubuntu.com/security/notices/USN-2651-1
| | patch | CVE-2018-6951 | LOW | 2.7.6-7 | |
Expand...http://www.securityfocus.com/bid/103044
https://access.redhat.com/security/cve/CVE-2018-6951
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6951
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a
https://nvd.nist.gov/vuln/detail/CVE-2018-6951
https://savannah.gnu.org/bugs/index.php?53132
https://security.gentoo.org/glsa/201904-17
https://ubuntu.com/security/notices/USN-3624-1
https://usn.ubuntu.com/3624-1/
| | patch | CVE-2018-6952 | LOW | 2.7.6-7 | |
Expand...http://www.securityfocus.com/bid/103047
https://access.redhat.com/errata/RHSA-2019:2033
https://access.redhat.com/security/cve/CVE-2018-6952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
https://linux.oracle.com/cve/CVE-2018-6952.html
https://linux.oracle.com/errata/ELSA-2019-2033.html
https://nvd.nist.gov/vuln/detail/CVE-2018-6952
https://savannah.gnu.org/bugs/index.php?53133
https://security.gentoo.org/glsa/201904-17
| | patch | CVE-2021-45261 | LOW | 2.7.6-7 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45261
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45261
https://savannah.gnu.org/bugs/?61685
| | perl | CVE-2020-16156 | HIGH | 5.32.1-4+deb11u2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | perl | CVE-2011-4116 | LOW | 5.32.1-4+deb11u2 | |
Expand...http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://access.redhat.com/security/cve/CVE-2011-4116
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
| | perl-base | CVE-2020-16156 | HIGH | 5.32.1-4+deb11u2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | perl-base | CVE-2011-4116 | LOW | 5.32.1-4+deb11u2 | |
Expand...http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://access.redhat.com/security/cve/CVE-2011-4116
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
| | perl-modules-5.32 | CVE-2020-16156 | HIGH | 5.32.1-4+deb11u2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | perl-modules-5.32 | CVE-2011-4116 | LOW | 5.32.1-4+deb11u2 | |
Expand...http://www.openwall.com/lists/oss-security/2011/11/04/2
http://www.openwall.com/lists/oss-security/2011/11/04/4
https://access.redhat.com/security/cve/CVE-2011-4116
https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
https://rt.cpan.org/Public/Bug/Display.html?id=69106
https://seclists.org/oss-sec/2011/q4/238
| | tar | CVE-2005-2541 | LOW | 1.34+dfsg-1 | |
Expand...http://marc.info/?l=bugtraq&m=112327628230258&w=2
https://access.redhat.com/security/cve/CVE-2005-2541
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
| | util-linux | CVE-2022-0563 | LOW | 2.36.1-8+deb11u1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
|