# Security Scan ## Helm-Chart ##### Scan Results 2021-12-04T19:37:30.386Z [34mINFO[0m Detected config files: 1 #### jdownloader2/templates/common.yaml **kubernetes** | No Vulnerabilities found | |:---------------------------------| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:f5c7103d8870367cae893099a9a26929860ca5a13ebc7a1e4e335f1f296c40dd ##### Scan Results **Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c** 2021-12-04T19:37:32.014Z [34mINFO[0m Detected OS: alpine 2021-12-04T19:37:32.014Z [34mINFO[0m Detecting Alpine vulnerabilities... 2021-12-04T19:37:32.018Z [34mINFO[0m Number of language-specific files: 0 #### tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

| | busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Click to expand!

| | ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |

Click to expand!

| | ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |

Click to expand!

| | ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |

Click to expand!

| **Container: tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:f5c7103d8870367cae893099a9a26929860ca5a13ebc7a1e4e335f1f296c40dd** 2021-12-04T19:37:37.973Z [34mINFO[0m Detected OS: alpine 2021-12-04T19:37:37.973Z [34mINFO[0m Detecting Alpine vulnerabilities... 2021-12-04T19:37:37.980Z [34mINFO[0m Number of language-specific files: 0 #### tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:f5c7103d8870367cae893099a9a26929860ca5a13ebc7a1e4e335f1f296c40dd (alpine 3.12.6) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 |

Click to expand!

https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E

| | apk-tools | CVE-2021-30139 | HIGH | 2.10.5-r1 | 2.10.6-r0 |

Click to expand!

https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741
https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606

| | busybox | CVE-2021-28831 | HIGH | 1.31.1-r20 | 1.32.1-r4 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/
https://security.gentoo.org/glsa/202105-09

| | busybox | CVE-2021-42378 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42379 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42380 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42381 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42382 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42383 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42384 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42385 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | busybox | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | cairo | CVE-2020-35492 | HIGH | 1.16.0-r2 | 1.16.0-r3 |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1898396
https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be

| | cairo-gobject | CVE-2020-35492 | HIGH | 1.16.0-r2 | 1.16.0-r3 |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1898396
https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be

| | gdk-pixbuf | CVE-2020-29385 | MEDIUM | 2.40.0-r3 | 2.40.0-r4 |

Click to expand!

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29385
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/blob/master/NEWS
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/164
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5H3GNVWMZTYZR3JBYCK57PF7PFMQBNP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BGZVCTH5O7WBJLYXZ2UOKLYNIFPVR55D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EANWYODLOJDFLMBH6WEKJJMQ5PKLEWML/
https://mail.gnome.org/archives/distributor-list/2020-December/msg00000.html
https://security.gentoo.org/glsa/202012-15
https://ubuntu.com/security/CVE-2020-29385
https://ubuntu.com/security/notices/USN-4663-1

| | krb5-libs | CVE-2021-36222 | HIGH | 1.18.3-r0 | 1.18.4-r0 |

Click to expand!

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html

| | libcrypto1.1 | CVE-2021-3711 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 |

Click to expand!

http://www.openwall.com/lists/oss-security/2021/08/26/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16

| | libcrypto1.1 | CVE-2021-3712 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 |

Click to expand!

http://www.openwall.com/lists/oss-security/2021/08/26/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16

| | libjpeg-turbo | CVE-2021-20205 | MEDIUM | 2.0.5-r0 | 2.1.0-r0 |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1937385
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMLEY6HLVZAGXIOGGPPUAMRJUA6LB3FD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TM3AHZEYGYFEDL6AW5RLEAJNVRWEJDFL/

| | libssl1.1 | CVE-2021-3711 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 |

Click to expand!

| | libssl1.1 | CVE-2021-3712 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 |

Click to expand!

| | libx11 | CVE-2021-31535 | CRITICAL | 1.6.12-r0 | 1.6.12-r1 |

Click to expand!

http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html
http://seclists.org/fulldisclosure/2021/May/52
http://www.openwall.com/lists/oss-security/2021/05/18/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31535
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605
https://linux.oracle.com/cve/CVE-2021-31535.html
https://linux.oracle.com/errata/ELSA-2021-4326.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/05/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEOT4RLB76RVPJQKGGTIKTBIOLHX2NR6/
https://lists.freedesktop.org/archives/xorg/
https://lists.x.org/archives/xorg-announce/2021-May/003088.html
https://security.gentoo.org/glsa/202105-16
https://security.netapp.com/advisory/ntap-20210813-0001/
https://ubuntu.com/security/notices/USN-4966-1
https://ubuntu.com/security/notices/USN-4966-2
https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/
https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt
https://www.debian.org/security/2021/dsa-4920
https://www.openwall.com/lists/oss-security/2021/05/18/2
https://www.openwall.com/lists/oss-security/2021/05/18/3

| | libxml2 | CVE-2021-3517 | HIGH | 2.9.10-r5 | 2.9.10-r6 |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1954232
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517
https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2
https://gitlab.gnome.org/GNOME/libxml2/-/issues/235
https://linux.oracle.com/cve/CVE-2021-3517.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
https://security.gentoo.org/glsa/202107-05
https://security.netapp.com/advisory/ntap-20210625-0002/
https://security.netapp.com/advisory/ntap-20211022-0004/
https://ubuntu.com/security/notices/USN-4991-1
https://www.oracle.com/security-alerts/cpuoct2021.html

| | libxml2 | CVE-2021-3518 | HIGH | 2.9.10-r5 | 2.9.10-r6 |

Click to expand!

http://seclists.org/fulldisclosure/2021/Jul/54
http://seclists.org/fulldisclosure/2021/Jul/55
http://seclists.org/fulldisclosure/2021/Jul/58
http://seclists.org/fulldisclosure/2021/Jul/59
https://bugzilla.redhat.com/show_bug.cgi?id=1954242
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518
https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7
https://gitlab.gnome.org/GNOME/libxml2/-/issues/237
https://linux.oracle.com/cve/CVE-2021-3518.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
https://security.gentoo.org/glsa/202107-05
https://security.netapp.com/advisory/ntap-20210625-0002/
https://support.apple.com/kb/HT212601
https://support.apple.com/kb/HT212602
https://support.apple.com/kb/HT212604
https://support.apple.com/kb/HT212605
https://ubuntu.com/security/notices/USN-4991-1
https://www.oracle.com/security-alerts/cpuoct2021.html

| | libxml2 | CVE-2021-3537 | MEDIUM | 2.9.10-r5 | 2.9.10-r6 |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1956522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537
https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61
https://gitlab.gnome.org/GNOME/libxml2/-/issues/243
https://gitlab.gnome.org/GNOME/libxml2/-/issues/244
https://gitlab.gnome.org/GNOME/libxml2/-/issues/245
https://linux.oracle.com/cve/CVE-2021-3537.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
https://security.gentoo.org/glsa/202107-05
https://security.netapp.com/advisory/ntap-20210625-0002/
https://ubuntu.com/security/notices/USN-4991-1
https://www.oracle.com/security-alerts/cpuoct2021.html

| | libxml2 | CVE-2021-3541 | MEDIUM | 2.9.10-r5 | 2.9.12-r0 |

Click to expand!

https://blog.hartwork.org/posts/cve-2021-3541-parameter-laughs-fixed-in-libxml2-2-9-11/
https://bugzilla.redhat.com/show_bug.cgi?id=1950515
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e
https://gitlab.gnome.org/GNOME/libxml2/-/issues/228 (currently private)
https://linux.oracle.com/cve/CVE-2021-3541.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://ubuntu.com/security/notices/USN-4991-1

| | nginx | CVE-2021-23017 | CRITICAL | 1.18.0-r1 | 1.18.0-r2 |

Click to expand!

http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
https://linux.oracle.com/cve/CVE-2021-23017.html
https://linux.oracle.com/errata/ELSA-2021-2290.html
https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/r4d4966221ca399ce948ef34884652265729d7d9ef8179c78d7f17e7f@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/r6fc5c57b38e93e36213e9a18c8a4e5dbd5ced1c7e57f08a1735975ba@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/rf232eecd47fdc44520192810560303073cefd684b321f85e311bad31@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/rf318aeeb4d7a3a312734780b47de83cefb7e6995da0b2cae5c28675c@%3Cnotifications.apisix.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SFVYHC7OXTEO4SMBWXDVK6E5IMEYMEE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNKOP2JR5L7KCIZTJRZDCUPJTUONMC5I/
https://security.netapp.com/advisory/ntap-20210708-0006/
https://support.f5.com/csp/article/K12331123,
https://ubuntu.com/security/notices/USN-4967-1
https://ubuntu.com/security/notices/USN-4967-2
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.x41-dsec.de/lab/advisories/x41-2021-002-nginx-resolver-copy/

| | openssl | CVE-2021-3711 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 |

Click to expand!

| | openssl | CVE-2021-3712 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 |

Click to expand!

| | sqlite-libs | CVE-2020-15358 | MEDIUM | 3.32.1-r0 | 3.32.1-r1 |

Click to expand!

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Nov/19
http://seclists.org/fulldisclosure/2020/Nov/20
http://seclists.org/fulldisclosure/2020/Nov/22
http://seclists.org/fulldisclosure/2021/Feb/14
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358
https://linux.oracle.com/cve/CVE-2020-15358.html
https://linux.oracle.com/errata/ELSA-2021-1581.html
https://security.gentoo.org/glsa/202007-26
https://security.netapp.com/advisory/ntap-20200709-0001/
https://support.apple.com/kb/HT211843
https://support.apple.com/kb/HT211844
https://support.apple.com/kb/HT211847
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://ubuntu.com/security/notices/USN-4438-1
https://usn.ubuntu.com/4438-1/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.sqlite.org/src/info/10fa79d00f8091e5
https://www.sqlite.org/src/timeline?p=version-3.32.3&bt=version-3.32.2
https://www.sqlite.org/src/tktview?name=8f157e8010

| | sqlite-libs | CVE-2021-20227 | MEDIUM | 3.32.1-r0 | 3.32.1-r1 |

Click to expand!

https://bugzilla.redhat.com/show_bug.cgi?id=1924886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20227
https://security.gentoo.org/glsa/202103-04
https://security.netapp.com/advisory/ntap-20210423-0010/
https://ubuntu.com/security/notices/USN-4732-1
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.sqlite.org/releaselog/3_34_1.html

| | ssl_client | CVE-2021-28831 | HIGH | 1.31.1-r20 | 1.32.1-r4 |

Click to expand!

| | ssl_client | CVE-2021-42378 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42379 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42380 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42381 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42382 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42383 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42384 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42385 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 |

Click to expand!

| | xvfb | CVE-2021-3472 | HIGH | 1.20.10-r0 | 1.20.10-r1 |

Click to expand!