---
hide:
- toc
---
# Security Overview
## Helm-Chart
##### Scan Results
#### Chart Object: gonic/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | Expand...
A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.allowPrivilegeEscalation' to false Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
Expand...
The container should drop all default capabilities and add only those that are needed for its execution.
Container 'RELEASE-NAME-gonic' of Deployment 'RELEASE-NAME-gonic' should add 'ALL' to 'securityContext.capabilities.drop' Expand...
https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
Expand...
The container should drop all default capabilities and add only those that are needed for its execution.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should add 'ALL' to 'securityContext.capabilities.drop' Expand...
https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
Expand...
Enforcing CPU limits prevents DoS via resource exhaustion.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'resources.limits.cpu' Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container 'RELEASE-NAME-gonic' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsNonRoot' to true Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container 'autopermissions' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsNonRoot' to true Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsNonRoot' to true Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container 'autopermissions' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.readOnlyRootFilesystem' to true Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.readOnlyRootFilesystem' to true Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Expand...
When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'resources.requests.cpu' Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
Expand...
When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'resources.requests.memory' Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
Expand...
Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.privileged' to false Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
Expand...
Enforcing memory limits prevents DoS via resource exhaustion.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'resources.limits.memory' Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container 'RELEASE-NAME-gonic' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsUser' > 10000 Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container 'autopermissions' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsUser' > 10000 Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsUser' > 10000 Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container 'RELEASE-NAME-gonic' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsGroup' > 10000 Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container 'autopermissions' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsGroup' > 10000 Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container 'hostpatch' of Deployment 'RELEASE-NAME-gonic' should set 'securityContext.runAsGroup' > 10000 Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Expand...
HostPath volumes must be forbidden.
Deployment 'RELEASE-NAME-gonic' should not set 'spec.template.volumes.hostPath' Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
Expand...
Containers should be forbidden from running with a root primary or supplementary GID.
Deployment 'RELEASE-NAME-gonic' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
Expand...
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
Expand...
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
Expand...
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
Expand...
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
Expand...
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
Expand...
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
Expand...
https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
Expand...
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
Expand...
https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
Expand...
https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42375
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22822.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22822
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22823.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22823
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22824.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22824
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
https://access.redhat.com/security/cve/CVE-2022-23852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
https://linux.oracle.com/cve/CVE-2022-23852.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23852
https://security.netapp.com/advisory/ntap-20220217-0001/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05
Expand...
https://access.redhat.com/security/cve/CVE-2022-23990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
https://linux.oracle.com/cve/CVE-2022-23990.html
https://linux.oracle.com/errata/ELSA-2022-9232.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://nvd.nist.gov/vuln/detail/CVE-2022-23990
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25235
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
https://github.com/libexpat/libexpat/pull/562
https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)
https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)
https://linux.oracle.com/cve/CVE-2022-25235.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25235
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
Expand...
http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25236
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
https://github.com/libexpat/libexpat/pull/561
https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)
https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)
https://github.com/libexpat/libexpat/pull/577
https://linux.oracle.com/cve/CVE-2022-25236.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25236
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
Expand...
http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25315
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
https://github.com/libexpat/libexpat/pull/559
https://linux.oracle.com/cve/CVE-2022-25315.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25315
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-45960
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://github.com/libexpat/libexpat/issues/531
https://github.com/libexpat/libexpat/pull/534
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
https://linux.oracle.com/cve/CVE-2021-45960.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2021-45960
https://security.netapp.com/advisory/ntap-20220121-0004/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-46143
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://linux.oracle.com/cve/CVE-2021-46143.html
https://linux.oracle.com/errata/ELSA-2022-9227.html
https://nvd.nist.gov/vuln/detail/CVE-2021-46143
https://security.netapp.com/advisory/ntap-20220121-0006/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22825.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22825
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22826.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22826
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22827.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22827
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
Expand...
http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25314
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://github.com/libexpat/libexpat/pull/560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25314
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
Expand...
http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25313
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
https://github.com/libexpat/libexpat/pull/558
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25313
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38171
https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://patchwork.ffmpeg.org/project/ffmpeg/patch/AS8P193MB12542A86E22F8207EC971930B6F19@AS8P193MB1254.EURP193.PROD.OUTLOOK.COM/
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20450
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3865b1952e5cf993b016d83ba78fe1deb63bbfad (4.3)
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5400e4a50c61e53e1bc50b3e77201649bbe9c510
https://trac.ffmpeg.org/ticket/7993
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22015
https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
https://trac.ffmpeg.org/ticket/8190
https://www.debian.org/security/2021/dsa-4990
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38291
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/9312
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20446
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/7995
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20453
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/8003
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22019
https://trac.ffmpeg.org/ticket/8241
https://www.debian.org/security/2021/dsa-4990
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22021
https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
https://trac.ffmpeg.org/ticket/8240
https://www.debian.org/security/2021/dsa-4990
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22037
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/8281
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22042
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=426c16d61a9b5056a157a1a2a057a4e4d13eef84
https://trac.ffmpeg.org/ticket/8267
https://www.debian.org/security/2021/dsa-4998
Expand...
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35964
https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7
https://security.gentoo.org/glsa/202105-24
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38114
https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1
https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
https://patchwork.ffmpeg.org/project/ffmpeg/patch/PAXP193MB12624C21AE412BE95BA4D4A4B6F09@PAXP193MB1262.EURP193.PROD.OUTLOOK.COM/
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38171
https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://patchwork.ffmpeg.org/project/ffmpeg/patch/AS8P193MB12542A86E22F8207EC971930B6F19@AS8P193MB1254.EURP193.PROD.OUTLOOK.COM/
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20450
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3865b1952e5cf993b016d83ba78fe1deb63bbfad (4.3)
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5400e4a50c61e53e1bc50b3e77201649bbe9c510
https://trac.ffmpeg.org/ticket/7993
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22015
https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
https://trac.ffmpeg.org/ticket/8190
https://www.debian.org/security/2021/dsa-4990
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38291
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/9312
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20446
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/7995
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20453
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/8003
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22019
https://trac.ffmpeg.org/ticket/8241
https://www.debian.org/security/2021/dsa-4990
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22021
https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
https://trac.ffmpeg.org/ticket/8240
https://www.debian.org/security/2021/dsa-4990
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22037
https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html
https://trac.ffmpeg.org/ticket/8281
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22042
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=426c16d61a9b5056a157a1a2a057a4e4d13eef84
https://trac.ffmpeg.org/ticket/8267
https://www.debian.org/security/2021/dsa-4998
Expand...
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35964
https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7
https://security.gentoo.org/glsa/202105-24
Expand...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38114
https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1
https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
https://patchwork.ffmpeg.org/project/ffmpeg/patch/PAXP193MB12624C21AE412BE95BA4D4A4B6F09@PAXP193MB1262.EURP193.PROD.OUTLOOK.COM/
https://www.debian.org/security/2021/dsa-4990
https://www.debian.org/security/2021/dsa-4998
Expand...
https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618
Expand...
https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
Expand...
https://access.redhat.com/security/cve/CVE-2021-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
Expand...
https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
Expand...
http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/security/cve/CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-3711
https://rustsec.org/advisories/RUSTSEC-2021-0097.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
Expand...
http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
https://access.redhat.com/security/cve/CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-3712.html
https://linux.oracle.com/errata/ELSA-2022-9023.html
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3712
https://rustsec.org/advisories/RUSTSEC-2021-0098.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
Expand...
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
Expand...
https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
Expand...
https://access.redhat.com/security/cve/CVE-2021-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
Expand...
https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
Expand...
http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/security/cve/CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-3711
https://rustsec.org/advisories/RUSTSEC-2021-0097.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
Expand...
http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
https://access.redhat.com/security/cve/CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-3712.html
https://linux.oracle.com/errata/ELSA-2022-9023.html
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3712
https://rustsec.org/advisories/RUSTSEC-2021-0098.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
Expand...
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
Expand...
https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
Expand...
https://access.redhat.com/security/cve/CVE-2021-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
Expand...
https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
https://security.netapp.com/advisory/ntap-20220331-0002/
Expand...
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
Expand...
https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
Expand...
https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
Expand...
https://access.redhat.com/security/cve/CVE-2021-42375
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
Expand...
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
Expand...
https://access.redhat.com/security/cve/CVE-2022-27191
https://github.com/advisories/GHSA-8c26-wmh5-6g9v
https://groups.google.com/g/golang-announce
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/
https://nvd.nist.gov/vuln/detail/CVE-2022-27191
Expand...
https://access.redhat.com/security/cve/CVE-2020-14040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040
https://github.com/advisories/GHSA-5rcv-m4m3-hfh7
https://github.com/golang/go/issues/39491
https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
https://go-review.googlesource.com/c/text/+/238238
https://go.dev/issue/39491
https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
https://linux.oracle.com/cve/CVE-2020-14040.html
https://linux.oracle.com/errata/ELSA-2020-4694.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/
https://nvd.nist.gov/vuln/detail/CVE-2020-14040
https://pkg.go.dev/vuln/GO-2020-0015
Expand...
https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113