--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: kavita/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.limits.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.requests.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.requests.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
| | Kubernetes Security Check | KSV017 | Privileged container | HIGH |
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.privileged' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |
Expand... Enforcing memory limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.limits.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM |
Expand... HostPath volumes must be forbidden.

Deployment 'RELEASE-NAME-kavita' should not set 'spec.template.volumes.hostPath'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |
Expand... Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-kavita' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/kavita:v0.5.2@sha256:119f2935c636eb4e1789ae9d280d1c3dfb4b6ebdb0a1edb74116b19b36339584 ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/kavita:v0.5.2@sha256:119f2935c636eb4e1789ae9d280d1c3dfb4b6ebdb0a1edb74116b19b36339584 (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | 5.0-6ubuntu1.2 |
Expand...http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://access.redhat.com/security/cve/CVE-2019-18276
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-18276
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://ubuntu.com/security/notices/USN-5380-1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.youtube.com/watch?v=-wGtxJ8opa8
| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://access.redhat.com/security/cve/CVE-2016-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2781
| | e2fsprogs | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | gzip | CVE-2022-1271 | MEDIUM | 1.10-0ubuntu4 | 1.10-0ubuntu4.1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
https://ubuntu.com/security/notices/USN-5378-1
https://ubuntu.com/security/notices/USN-5378-2
https://ubuntu.com/security/notices/USN-5378-3
https://ubuntu.com/security/notices/USN-5378-4
https://www.openwall.com/lists/oss-security/2022/04/07/8
| | krb5-locales | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | krb5-locales | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libcairo2 | CVE-2017-7475 | LOW | 1.16.0-4ubuntu1 | |
Expand...http://seclists.org/oss-sec/2017/q2/151
https://access.redhat.com/security/cve/CVE-2017-7475
https://bugs.freedesktop.org/show_bug.cgi?id=100763
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
https://github.com/advisories/GHSA-5v3f-73gv-x7x5
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2017-7475
| | libcairo2 | CVE-2017-9814 | LOW | 1.16.0-4ubuntu1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00042.html
https://access.redhat.com/security/cve/CVE-2017-9814
https://bugs.freedesktop.org/show_bug.cgi?id=101547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9814
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/201904-01
| | libcairo2 | CVE-2018-18064 | LOW | 1.16.0-4ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-18064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064
https://gitlab.freedesktop.org/cairo/cairo/issues/341
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libcairo2 | CVE-2019-6461 | LOW | 1.16.0-4ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-6461
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/352
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-6461
| | libcairo2 | CVE-2019-6462 | LOW | 1.16.0-4ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-6462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/353
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-6462
| | libcom-err2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libext2fs2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libgif7 | CVE-2020-23922 | LOW | 5.1.9-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-23922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23922
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://sourceforge.net/p/giflib/bugs/151/
| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618
| | libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1build1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2707
http://www.securityfocus.com/bid/99304
https://access.redhat.com/security/cve/CVE-2017-9937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-17541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17541
| | libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | liblzma5 | CVE-2022-1271 | MEDIUM | 5.2.4-1ubuntu1 | 5.2.4-1ubuntu1.1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
https://ubuntu.com/security/notices/USN-5378-1
https://ubuntu.com/security/notices/USN-5378-2
https://ubuntu.com/security/notices/USN-5378-3
https://ubuntu.com/security/notices/USN-5378-4
https://www.openwall.com/lists/oss-security/2022/04/07/8
| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |
Expand...http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://access.redhat.com/security/cve/CVE-2017-11164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2019-20838
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-20838
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://access.redhat.com/security/cve/CVE-2020-14155
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-14155
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.pcre.org/original/changelog.txt
| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36084
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36085
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36087
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
| | libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| | libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://nvd.nist.gov/vuln/detail/CVE-2021-36690
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | libss2 | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | libtiff5 | CVE-2022-0865 | MEDIUM | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json
https://gitlab.com/libtiff/libtiff/-/commit/a1c933dabd0e1c54a412f3f84ae0aa58115c6067
https://gitlab.com/libtiff/libtiff/-/issues/385
https://gitlab.com/libtiff/libtiff/-/merge_requests/306
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0865
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2022-0891 | MEDIUM | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json
https://gitlab.com/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/libtiff/libtiff/-/issues/380
https://gitlab.com/libtiff/libtiff/-/issues/382
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0891
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2018-10126 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://access.redhat.com/security/cve/CVE-2018-10126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libtiff5 | CVE-2020-35522 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-35522
https://bugzilla.redhat.com/show_bug.cgi?id=1932037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35522
https://gitlab.com/libtiff/libtiff/-/merge_requests/165
https://linux.oracle.com/cve/CVE-2020-35522.html
https://linux.oracle.com/errata/ELSA-2021-4241.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/
https://nvd.nist.gov/vuln/detail/CVE-2020-35522
https://security.gentoo.org/glsa/202104-06
https://security.netapp.com/advisory/ntap-20210521-0009/
| | libtiff5 | CVE-2022-0561 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0561
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0561
https://security.netapp.com/advisory/ntap-20220318-0001/
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2022-0562 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562
https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0562
https://security.netapp.com/advisory/ntap-20220318-0001/
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2022-22844 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-22844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844
https://gitlab.com/libtiff/libtiff/-/issues/355
https://gitlab.com/libtiff/libtiff/-/merge_requests/287
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22844
https://security.netapp.com/advisory/ntap-20220311-0002/
https://www.debian.org/security/2022/dsa-5108
| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | linux-libc-dev | CVE-2022-1015 | HIGH | 5.4.0-107.121 | |
Expand...http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/
https://access.redhat.com/security/cve/CVE-2022-1015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1015
https://seclists.org/oss-sec/2022/q1/205
https://ubuntu.com/security/notices/USN-5381-1
https://ubuntu.com/security/notices/USN-5383-1
https://www.openwall.com/lists/oss-security/2022/03/28/5
| | linux-libc-dev | CVE-2013-7445 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-7445
https://bugzilla.kernel.org/show_bug.cgi?id=60533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7445
https://lists.freedesktop.org/archives/dri-devel/2015-September/089778.html (potential start towards fixing)
| | linux-libc-dev | CVE-2015-8553 | MEDIUM | 5.4.0-107.121 | |
Expand...http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1930758 (regression mention)
http://xenbits.xen.org/xsa/advisory-120.html
https://access.redhat.com/security/cve/CVE-2015-8553
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8553
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497
| | linux-libc-dev | CVE-2016-8660 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2016/10/13/8
http://www.securityfocus.com/bid/93558
https://access.redhat.com/security/cve/CVE-2016-8660
https://bugzilla.redhat.com/show_bug.cgi?id=1384851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8660
https://lore.kernel.org/linux-xfs/895314622.769515.1476375930648.JavaMail.zimbra@redhat.com/
https://marc.info/?l=linux-fsdevel&m=147639177409294&w=2
https://marc.info/?l=linux-xfs&m=149498118228320&w=2
| | linux-libc-dev | CVE-2018-17977 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/105539
https://access.redhat.com/security/cve/CVE-2018-17977
https://bugzilla.suse.com/show_bug.cgi?id=1111609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17977
https://www.openwall.com/lists/oss-security/2018/10/05/5
| | linux-libc-dev | CVE-2020-12362 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-12362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12362
https://linux.oracle.com/cve/CVE-2020-12362.html
https://linux.oracle.com/errata/ELSA-2021-9434.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
| | linux-libc-dev | CVE-2020-24504 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-24504
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24504
https://linux.oracle.com/cve/CVE-2020-24504.html
https://linux.oracle.com/errata/ELSA-2021-4356.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html
| | linux-libc-dev | CVE-2020-27835 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-27835
https://bugzilla.redhat.com/show_bug.cgi?id=1901709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27835
https://git.kernel.org/linus/3d2a9d642512c21a12d19b9250e7a835dcb41a79
https://linux.oracle.com/cve/CVE-2020-27835.html
https://linux.oracle.com/errata/ELSA-2021-1578.html
https://ubuntu.com/security/notices/USN-4751-1
| | linux-libc-dev | CVE-2020-36310 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-36310
https://bugzilla.redhat.com/show_bug.cgi?id=1769283#c148
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36310
https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e72436bc3a5206f95bb384e741154166ddb3202e
https://linux.oracle.com/cve/CVE-2020-36310.html
https://linux.oracle.com/errata/ELSA-2021-9307.html
https://www.debian.org/security/2022/dsa-5095
| | linux-libc-dev | CVE-2021-20320 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-20320
https://bugzilla.redhat.com/show_bug.cgi?id=2010090
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20320
https://lore.kernel.org/bpf/20210902185229.1840281-1-johan.almbladh@anyfinetworks.com/
https://nvd.nist.gov/vuln/detail/CVE-2021-20320
| | linux-libc-dev | CVE-2021-33061 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-33061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33061
https://security.netapp.com/advisory/ntap-20220210-0010/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html
| | linux-libc-dev | CVE-2021-3864 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3864
https://lore.kernel.org/all/20211221021744.864115-1-longman@redhat.com
https://lore.kernel.org/all/20211226150310.GA992@1wt.eu/
https://lore.kernel.org/lkml/20211228170910.623156-1-wander@redhat.com
https://www.openwall.com/lists/oss-security/2021/10/20/2
| | linux-libc-dev | CVE-2021-39800 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39800
https://source.android.com/security/bulletin/2022-04-01
| | linux-libc-dev | CVE-2021-39801 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39801
https://source.android.com/security/bulletin/2022-04-01
| | linux-libc-dev | CVE-2021-39802 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39802
https://source.android.com/security/bulletin/2022-04-01
| | linux-libc-dev | CVE-2021-4001 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4001
https://bugzilla.redhat.com/show_bug.cgi?id=2025645
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4001
https://git.kernel.org/linus/353050be4c19e102178ccc05988101887c25ae53
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=353050be4c19e102178ccc05988101887c25ae53
https://nvd.nist.gov/vuln/detail/CVE-2021-4001
https://ubuntu.com/security/notices/USN-5207-1
https://ubuntu.com/security/notices/USN-5265-1
https://ubuntu.com/security/notices/USN-5278-1
| | linux-libc-dev | CVE-2021-4148 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4148
https://bugzilla.redhat.com/show_bug.cgi?id=2026487
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4148
https://lkml.org/lkml/2021/9/12/323
https://lkml.org/lkml/2021/9/17/1037
https://lore.kernel.org/linux-mm/a07564a3-b2fc-9ffe-3ace-3f276075ea5c@google.com/
https://lore.kernel.org/lkml/CACkBjsYwLYLRmX8GpsDpMthagWOjWWrNxqY6ZLNQVr6yx+f5vA@mail.gmail.com/
https://lore.kernel.org/lkml/CAHbLzkrdGva2dzO36r62LKv_ip5trbMK0BO3vCeSBk2_7OE-zA@mail.gmail.com/
https://nvd.nist.gov/vuln/detail/CVE-2021-4148
| | linux-libc-dev | CVE-2021-4150 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4150
https://bugzilla.redhat.com/show_bug.cgi?id=2025938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4150
https://git.kernel.org/linus/9fbfabfda25d8774c5a08634fdd2da000a924890 (5.15-rc7)
https://lkml.org/lkml/2021/10/18/485
https://lkml.org/lkml/2021/9/6/781
https://nvd.nist.gov/vuln/detail/CVE-2021-4150
| | linux-libc-dev | CVE-2021-4159 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4159
| | linux-libc-dev | CVE-2021-4197 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4197
https://bugzilla.redhat.com/show_bug.cgi?id=2035652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4197
https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/
https://nvd.nist.gov/vuln/detail/CVE-2021-4197
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5368-1
| | linux-libc-dev | CVE-2021-4218 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4218
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4218
| | linux-libc-dev | CVE-2021-44879 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-44879
https://bugzilla.kernel.org/show_bug.cgi?id=215231
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44879
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f
https://lkml.org/lkml/2022/1/24/4067
https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao@kernel.org/T/
https://nvd.nist.gov/vuln/detail/CVE-2021-44879
https://ubuntu.com/security/notices/USN-5302-1
https://ubuntu.com/security/notices/USN-5383-1
https://www.openwall.com/lists/oss-security/2022/02/12/1
| | linux-libc-dev | CVE-2022-0382 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0382
https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523
https://nvd.nist.gov/vuln/detail/CVE-2022-0382
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5368-1
| | linux-libc-dev | CVE-2022-0400 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0400
https://bugzilla.redhat.com/show_bug.cgi?id=2040604
https://bugzilla.redhat.com/show_bug.cgi?id=2040604 (not public)
https://bugzilla.redhat.com/show_bug.cgi?id=2044575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0400
| | linux-libc-dev | CVE-2022-0480 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0480
https://bugzilla.redhat.com/show_bug.cgi?id=2049700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0480
https://git.kernel.org/linus/0f12156dff2862ac54235fc72703f18770769042 (5.15-rc1)
https://github.com/kata-containers/kata-containers/issues/3373
https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm@linux-foundation.org/
| | linux-libc-dev | CVE-2022-0494 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0494
https://bugzilla.redhat.com/show_bug.cgi?id=2039448
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0494
https://git.kernel.org/linus/cc8f7fe1f5eab010191aa4570f27641876fa1267 (5.17-rc5)
https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel@gmail.com/
https://nvd.nist.gov/vuln/detail/CVE-2022-0494
https://ubuntu.com/security/notices/USN-5381-1
| | linux-libc-dev | CVE-2022-0998 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2022/04/02/1
https://access.redhat.com/security/cve/CVE-2022-0998
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-0998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0998
https://git.kernel.org/linus/870aaff92e959e29d40f9cfdb5ed06ba2fc2dae0 (5.17-rc1)
https://lore.kernel.org/netdev/20220123001216.2460383-13-sashal@kernel.org/
https://nvd.nist.gov/vuln/detail/CVE-2022-0998
| | linux-libc-dev | CVE-2022-1011 | MEDIUM | 5.4.0-107.121 | |
Expand...http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html
https://access.redhat.com/security/cve/CVE-2022-1011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1011
https://git.kernel.org/linus/0c4bcfdecb1ac0967619ee7ff44871d93c08c909 (5.17-rc8)
https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/
https://nvd.nist.gov/vuln/detail/CVE-2022-1011
https://security.netapp.com/advisory/ntap-20220425-0002/
https://ubuntu.com/security/notices/USN-5381-1
| | linux-libc-dev | CVE-2022-1048 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1048
https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai@suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3
https://ubuntu.com/security/notices/USN-5381-1
https://www.openwall.com/lists/oss-security/2022/03/28/4
| | linux-libc-dev | CVE-2022-1195 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1195
https://bugzilla.redhat.com/show_bug.cgi?id=2056381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1195
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b9111922b1f399aba6ed1e1b8f2079c3da1aed8
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e0588c291d6ce225f2b891753ca41d45ba42469
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=81b1d548d00bcd028303c4f3150fa753b9b8aa71
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b2f37aead1b82a770c48b5d583f35ec22aabb61e
| | linux-libc-dev | CVE-2022-1198 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1198
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1198
https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739
https://marc.info/?i=c012878.3292f.17fe9417790.Coremail.duoming@zju.edu.cn
| | linux-libc-dev | CVE-2022-1199 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1199
https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809
https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac
https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10
https://marc.info/?l=oss-security&m=164888973827435
| | linux-libc-dev | CVE-2022-1204 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1204
https://github.com/torvalds/linux/commit/5352a761308397a0e6250fdc629bb3f615b94747
https://github.com/torvalds/linux/commit/87563a043cef044fed5db7967a75741cc16ad2b1
https://github.com/torvalds/linux/commit/9fd75b66b8f68498454d685dc4ba13192ae069b0
https://github.com/torvalds/linux/commit/d01ffb9eee4af165d83b08dd73ebdf9fe94a519b
https://github.com/torvalds/linux/commit/feef318c855a361a1eccd880f33e88c460eb63b4
https://marc.info/?i=20c5f3a.325bc.17fe90c96f4.Coremail.duoming@zju.edu.cn
| | linux-libc-dev | CVE-2022-1205 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1205
https://github.com/torvalds/linux/commit/82e31755e55fbcea6a9dfaae5fe4860ade17cbc0
https://github.com/torvalds/linux/commit/fc6d01ff9ef03b66d4a3a23b46fc3c3d8cf92009
https://marc.info/?i=56c38247.32aa9.17fe95728b3.Coremail.duoming@zju.edu.cn
| | linux-libc-dev | CVE-2022-23036 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23036
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23037 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23037
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23038 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23038
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23039 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23039
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23040 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23040
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23041 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23041
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23042 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23042
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-24448 | MEDIUM | 5.4.0-107.121 | 5.4.0-109.123 |
Expand...https://access.redhat.com/security/cve/CVE-2022-24448
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24448
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac795161c93699d600db16c1a8cc23a65a1eceaf
https://github.com/torvalds/linux/commit/ac795161c93699d600db16c1a8cc23a65a1eceaf
https://linux.oracle.com/cve/CVE-2022-24448.html
https://linux.oracle.com/errata/ELSA-2022-9314.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://nvd.nist.gov/vuln/detail/CVE-2022-24448
https://ubuntu.com/security/notices/USN-5302-1
https://ubuntu.com/security/notices/USN-5383-1
https://ubuntu.com/security/notices/USN-5384-1
https://ubuntu.com/security/notices/USN-5385-1
https://www.debian.org/security/2022/dsa-5092
https://www.debian.org/security/2022/dsa-5096
https://www.spinics.net/lists/stable/msg531976.html
| | linux-libc-dev | CVE-2022-24958 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-24958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24958
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=501e38a5531efbd77d5c73c0ba838a889bfc1d74
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=89f3594d0de58e8a57d92d497dea9fee3d4b9cda
https://github.com/torvalds/linux/commit/501e38a5531efbd77d5c73c0ba838a889bfc1d74
https://github.com/torvalds/linux/commit/89f3594d0de58e8a57d92d497dea9fee3d4b9cda
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUVZA2YVOQJBJTDIDQ5HF5TAU2C6WP6H/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCW2KZYJ2H6BKZE3CVLHRIXYDGNYYC5P/
https://nvd.nist.gov/vuln/detail/CVE-2022-24958
https://security.netapp.com/advisory/ntap-20220225-0008/
https://ubuntu.com/security/notices/USN-5381-1
| | linux-libc-dev | CVE-2022-26966 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-26966
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26966
https://git.kernel.org/linus/e9da0b56fe27206b49f39805f7dcda8a89379062 (5.17-rc6)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e9da0b56fe27206b49f39805f7dcda8a89379062
https://linux.oracle.com/cve/CVE-2022-26966.html
https://linux.oracle.com/errata/ELSA-2022-9314.html
https://nvd.nist.gov/vuln/detail/CVE-2022-26966
https://security.netapp.com/advisory/ntap-20220419-0001/
https://ubuntu.com/security/notices/USN-5381-1
| | linux-libc-dev | CVE-2022-28356 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2022/04/06/1
https://access.redhat.com/security/cve/CVE-2022-28356
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28356
https://git.kernel.org/linus/764f4eb6846f5475f1244767d24d25dd86528a4a
https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a
https://nvd.nist.gov/vuln/detail/CVE-2022-28356
https://ubuntu.com/security/notices/USN-5381-1
https://www.openwall.com/lists/oss-security/2022/04/06/1
| | linux-libc-dev | CVE-2022-28388 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-28388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28388
https://git.kernel.org/linus/3d3925ff6433f98992685a9679613a2cc97f3ce2 (5.18-rc1)
https://github.com/torvalds/linux/commit/3d3925ff6433f98992685a9679613a2cc97f3ce2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/
https://nvd.nist.gov/vuln/detail/CVE-2022-28388
| | linux-libc-dev | CVE-2022-28389 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-28389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28389
https://git.kernel.org/linus/04c9b00ba83594a29813d6b1fb8fdc93a3915174 (5.18-rc1)
https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/
https://nvd.nist.gov/vuln/detail/CVE-2022-28389
| | linux-libc-dev | CVE-2022-28390 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-28390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28390
https://git.kernel.org/linus/c70222752228a62135cee3409dccefd494a24646 (5.18-rc1)
https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/
https://nvd.nist.gov/vuln/detail/CVE-2022-28390
| | linux-libc-dev | CVE-2022-28893 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2022/04/11/3
http://www.openwall.com/lists/oss-security/2022/04/11/4
http://www.openwall.com/lists/oss-security/2022/04/11/5
https://access.redhat.com/security/cve/CVE-2022-28893
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28893
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a3b1bba7c7a5eb8a11513cf88427cb9d77bc60a
https://github.com/torvalds/linux/commit/f00432063db1a0db484e85193eccc6845435b80e
https://nvd.nist.gov/vuln/detail/CVE-2022-28893
https://www.openwall.com/lists/oss-security/2022/04/11/3
https://www.openwall.com/lists/oss-security/2022/04/11/5
| | linux-libc-dev | CVE-2017-0537 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/96831
http://www.securitytracker.com/id/1037968
https://android.googlesource.com/kernel/tegra.git/+/389b185cb2f17fff994dbdf8d4bac003d4b2b6b3%5E%21/#F0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0537
https://lore.kernel.org/lkml/1484647168-30135-1-git-send-email-jilin@nvidia.com/#t
https://source.android.com/security/bulletin/2017-01-01.html
https://source.android.com/security/bulletin/2017-03-01
https://source.android.com/security/bulletin/2017-03-01.html
| | linux-libc-dev | CVE-2017-13165 | LOW | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13165
https://github.com/aosp-mirror/platform_system_core/commit/15ffc53f6d57a46e3041453865311035a18e047a
https://source.android.com/security/bulletin/pixel/2017-12-01
| | linux-libc-dev | CVE-2017-13693 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/100502
https://access.redhat.com/security/cve/CVE-2017-13693
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13693
https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732
https://patchwork.kernel.org/patch/9919053/
| | linux-libc-dev | CVE-2018-1121 | LOW | 5.4.0-107.121 | |
Expand...http://seclists.org/oss-sec/2018/q2/122
http://www.securityfocus.com/bid/104214
https://access.redhat.com/security/cve/CVE-2018-1121
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1121
https://www.exploit-db.com/exploits/44806/
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
| | linux-libc-dev | CVE-2018-12928 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104593
https://access.redhat.com/security/cve/CVE-2018-12928
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12928
https://groups.google.com/forum/#!msg/syzkaller-bugs/9SgQk_6tSZ4/zLhTm4r1AwAJ
https://lore.kernel.org/linux-fsdevel/20180418173028.GA30953@bombadil.infradead.org/
https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2
| | linux-libc-dev | CVE-2018-12929 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://access.redhat.com/security/cve/CVE-2018-12929
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12929
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2
| | linux-libc-dev | CVE-2018-12930 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://access.redhat.com/security/cve/CVE-2018-12930
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12930
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2
| | linux-libc-dev | CVE-2018-12931 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://access.redhat.com/security/cve/CVE-2018-12931
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12931
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2
| | linux-libc-dev | CVE-2019-14899 | LOW | 5.4.0-107.121 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Jul/23
http://seclists.org/fulldisclosure/2020/Jul/24
http://seclists.org/fulldisclosure/2020/Jul/25
http://seclists.org/fulldisclosure/2020/Nov/20
http://www.openwall.com/lists/oss-security/2020/08/13/2
http://www.openwall.com/lists/oss-security/2020/10/07/3
https://access.redhat.com/security/cve/CVE-2019-14899
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14899
https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/
https://support.apple.com/kb/HT211288
https://support.apple.com/kb/HT211289
https://support.apple.com/kb/HT211290
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://www.openwall.com/lists/oss-security/2019/12/05/1
| | linux-libc-dev | CVE-2019-15213 | LOW | 5.4.0-107.121 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html
http://www.openwall.com/lists/oss-security/2019/08/20/2
https://access.redhat.com/security/cve/CVE-2019-15213
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15213
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7
https://linux.oracle.com/cve/CVE-2019-15213.html
https://linux.oracle.com/errata/ELSA-2019-4872.html
https://lore.kernel.org/linux-media/fe983331d14442a96db3f71066ca0488a8921840.camel@decadent.org.uk/
https://security.netapp.com/advisory/ntap-20190905-0002/
https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced
| | linux-libc-dev | CVE-2019-16230 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-16230
https://bugzilla.suse.com/show_bug.cgi?id=1150468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16230
https://lkml.org/lkml/2019/9/9/487
https://security.netapp.com/advisory/ntap-20191004-0001/
| | linux-libc-dev | CVE-2019-19378 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-19378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19378
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378
https://security.netapp.com/advisory/ntap-20200103-0001/
| | linux-libc-dev | CVE-2019-19814 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-19814
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19814
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814
https://security.netapp.com/advisory/ntap-20200103-0001/
| | linux-libc-dev | CVE-2020-11725 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-11725
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11725
https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/
https://nvd.nist.gov/vuln/detail/CVE-2020-11725
https://twitter.com/yabbadabbadrew/status/1248632267028582400
| | linux-libc-dev | CVE-2020-12363 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-12363
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12363
https://linux.oracle.com/cve/CVE-2020-12363.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
| | linux-libc-dev | CVE-2020-12364 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-12364
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12364
https://linux.oracle.com/cve/CVE-2020-12364.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
| | linux-libc-dev | CVE-2020-14304 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-14304
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960702
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14304
https://linux.oracle.com/cve/CVE-2020-14304.html
https://linux.oracle.com/errata/ELSA-2021-9410.html
https://lore.kernel.org/netdev/20200517172053.GA734488@decadent.org.uk/T/
| | linux-libc-dev | CVE-2020-35501 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-35501
https://bugzilla.redhat.com/show_bug.cgi?id=1908577
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35501
https://listman.redhat.com/archives/linux-audit/2018-July/msg00041.html
https://nvd.nist.gov/vuln/detail/CVE-2020-35501
https://www.openwall.com/lists/oss-security/2021/02/18/1
| | linux-libc-dev | CVE-2021-26934 | LOW | 5.4.0-107.121 | |
Expand...http://xenbits.xen.org/xsa/advisory-363.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26934
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GELN5E6MDR5KQBJF5M5COUUED3YFZTD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOAJBVAVR6RSCUCHNXPVSNRPSFM7INMP/
https://nvd.nist.gov/vuln/detail/CVE-2021-26934
https://security.netapp.com/advisory/ntap-20210326-0001/
https://www.openwall.com/lists/oss-security/2021/02/16/2
https://xenbits.xen.org/xsa/advisory-363.html
| | linux-libc-dev | CVE-2021-32078 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32078
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=298a58e165e447ccfaae35fe9f651f9d7e15166f
https://git.kernel.org/linus/298a58e165e447ccfaae35fe9f651f9d7e15166f (5.13-rc1)
https://github.com/torvalds/linux/commit/298a58e165e447ccfaae35fe9f651f9d7e15166f
https://kirtikumarar.com/CVE-2021-32078.txt
https://nvd.nist.gov/vuln/detail/CVE-2021-32078
https://security.netapp.com/advisory/ntap-20210813-0002/
| | linux-libc-dev | CVE-2021-34981 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-34981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34981
https://git.kernel.org/linus/3cfdf8fcaafa62a4123f92eb0f4a72650da3a479 (5.14-rc1)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3cfdf8fcaafa62a4123f92eb0f4a72650da3a479
https://www.zerodayinitiative.com/advisories/ZDI-21-1223/
| | linux-libc-dev | CVE-2021-3669 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3669
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3669
https://lore.kernel.org/all/20210809203554.1562989-1-aquini@redhat.com/
| | linux-libc-dev | CVE-2021-3772 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3772
https://bugzilla.redhat.com/show_bug.cgi?id=2000694
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://linux.oracle.com/cve/CVE-2021-3772.html
https://linux.oracle.com/errata/ELSA-2022-9260.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3772
https://ubuntu.com/security/CVE-2021-3772
https://ubuntu.com/security/notices/USN-5165-1
https://ubuntu.com/security/notices/USN-5265-1
https://www.debian.org/security/2022/dsa-5096
| | linux-libc-dev | CVE-2022-0617 | LOW | 5.4.0-107.121 | 5.4.0-109.123 |
Expand...http://www.openwall.com/lists/oss-security/2022/04/13/2
https://access.redhat.com/security/cve/CVE-2022-0617
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0617
https://git.kernel.org/linus/7fc3b7c2981bbd1047916ade327beccb90994eee
https://git.kernel.org/linus/ea8569194b43f0f01f0a84c689388542c7254a1f
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f
https://linux.oracle.com/cve/CVE-2022-0617.html
https://linux.oracle.com/errata/ELSA-2022-9314.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr@quack3.lan/T/
https://nvd.nist.gov/vuln/detail/CVE-2022-0617
https://ubuntu.com/security/notices/USN-5383-1
https://ubuntu.com/security/notices/USN-5384-1
https://ubuntu.com/security/notices/USN-5385-1
https://www.debian.org/security/2022/dsa-5095
https://www.debian.org/security/2022/dsa-5096
| | linux-libc-dev | CVE-2022-0854 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0854
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13
https://nvd.nist.gov/vuln/detail/CVE-2022-0854
https://ubuntu.com/security/notices/USN-5381-1
| | linux-libc-dev | CVE-2022-24959 | LOW | 5.4.0-107.121 | 5.4.0-109.123 |
Expand...https://access.redhat.com/security/cve/CVE-2022-24959
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24959
https://git.kernel.org/linus/29eb31542787e1019208a2e1047bb7c76c069536 (5.17-rc2)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=29eb31542787e1019208a2e1047bb7c76c069536
https://github.com/torvalds/linux/commit/29eb31542787e1019208a2e1047bb7c76c069536
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://nvd.nist.gov/vuln/detail/CVE-2022-24959
https://ubuntu.com/security/notices/USN-5302-1
https://ubuntu.com/security/notices/USN-5383-1
https://ubuntu.com/security/notices/USN-5384-1
https://ubuntu.com/security/notices/USN-5385-1
https://www.debian.org/security/2022/dsa-5092
https://www.debian.org/security/2022/dsa-5096
| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | logsave | CVE-2022-1304 | MEDIUM | 1.45.5-2ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
|