--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: iyuuplus/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'RELEASE-NAME-iyuuplus' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'autopermissions' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-iyuuplus' of Deployment 'RELEASE-NAME-iyuuplus' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'autopermissions' of Deployment 'RELEASE-NAME-iyuuplus' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-iyuuplus' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv012
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-iyuuplus' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/misconfig/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'autopermissions' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/misconfig/ksv014
| | Kubernetes Security Check | KSV017 | Privileged container | HIGH |
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.privileged' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/misconfig/ksv017
| | Kubernetes Security Check | KSV020 | Runs with low user ID | LOW |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-iyuuplus' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | LOW |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
| | Kubernetes Security Check | KSV021 | Runs with low group ID | LOW |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-iyuuplus' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | LOW |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-iyuuplus' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
| | Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW |
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.

Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
| | Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW |
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.

Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
| | Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW |
Expand... Containers should be forbidden from running with a root UID.

securityContext.runAsUser should be set to a value greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv105
| | Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW |
Expand... Containers should be forbidden from running with a root UID.

securityContext.runAsUser should be set to a value greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv105
| | Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW |
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.

container should drop all
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106
| | Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW |
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.

container should drop all
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106
| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 tccr.io/truecharts/iyuuplus:latest@sha256:f1cf293763be6a0c14e48566d1fc8ad14d7057c7f04191b8ddbd86409bc33e0c ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0) **alpine** | No Vulnerabilities found | |:---------------------------------| #### Container: tccr.io/truecharts/iyuuplus:latest@sha256:f1cf293763be6a0c14e48566d1fc8ad14d7057c7f04191b8ddbd86409bc33e0c (alpine 3.14.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | CRITICAL | 1.33.1-r3 | 1.33.1-r7 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
| | busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42375
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
| | curl | CVE-2021-22945 | CRITICAL | 7.78.0-r0 | 7.79.0-r0 |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22945
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22945.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://hackerone.com/reports/1269242
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2021-22946 | HIGH | 7.78.0-r0 | 7.79.0-r0 |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22946
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22946.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://hackerone.com/reports/1334111
https://linux.oracle.com/cve/CVE-2021-22946.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2022-22576 | HIGH | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://hackerone.com/reports/1526328
https://nvd.nist.gov/vuln/detail/CVE-2022-22576
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27775 | HIGH | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://hackerone.com/reports/1546268
https://nvd.nist.gov/vuln/detail/CVE-2022-27775
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2021-22947 | MEDIUM | 7.78.0-r0 | 7.79.0-r0 |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22947
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22947.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
https://hackerone.com/reports/1334763
https://launchpad.net/bugs/1944120 (regression bug)
https://linux.oracle.com/cve/CVE-2021-22947.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://ubuntu.com/security/notices/USN-5079-3
https://ubuntu.com/security/notices/USN-5079-4
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | curl | CVE-2022-27774 | MEDIUM | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://hackerone.com/reports/1543773
https://nvd.nist.gov/vuln/detail/CVE-2022-27774
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | curl | CVE-2022-27776 | MEDIUM | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://hackerone.com/reports/1547048
https://nvd.nist.gov/vuln/detail/CVE-2022-27776
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | expat | CVE-2022-22822 | CRITICAL | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22822
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22822.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22822
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-22823 | CRITICAL | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22823
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22823.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22823
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-22824 | CRITICAL | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22824
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22824.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22824
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-23852 | CRITICAL | 2.4.1-r0 | 2.4.4-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2022-23852
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
https://linux.oracle.com/cve/CVE-2022-23852.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23852
https://security.netapp.com/advisory/ntap-20220217-0001/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-23990 | CRITICAL | 2.4.1-r0 | 2.4.4-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2022-23990
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
https://linux.oracle.com/cve/CVE-2022-23990.html
https://linux.oracle.com/errata/ELSA-2022-9232.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://nvd.nist.gov/vuln/detail/CVE-2022-23990
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-25235 | CRITICAL | 2.4.1-r0 | 2.4.5-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25235
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
https://github.com/libexpat/libexpat/pull/562
https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)
https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)
https://linux.oracle.com/cve/CVE-2022-25235.html
https://linux.oracle.com/errata/ELSA-2022-9359.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25235
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
| | expat | CVE-2022-25236 | CRITICAL | 2.4.1-r0 | 2.4.5-r0 |
Expand...http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html
http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25236
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
https://github.com/libexpat/libexpat/pull/561
https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)
https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)
https://github.com/libexpat/libexpat/pull/577
https://linux.oracle.com/cve/CVE-2022-25236.html
https://linux.oracle.com/errata/ELSA-2022-9359.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25236
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
| | expat | CVE-2022-25315 | CRITICAL | 2.4.1-r0 | 2.4.5-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25315
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
https://github.com/libexpat/libexpat/pull/559
https://linux.oracle.com/cve/CVE-2022-25315.html
https://linux.oracle.com/errata/ELSA-2022-9359.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25315
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
| | expat | CVE-2021-45960 | HIGH | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-45960
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://github.com/libexpat/libexpat/issues/531
https://github.com/libexpat/libexpat/pull/534
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
https://linux.oracle.com/cve/CVE-2021-45960.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2021-45960
https://security.netapp.com/advisory/ntap-20220121-0004/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2021-46143 | HIGH | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-46143
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://linux.oracle.com/cve/CVE-2021-46143.html
https://linux.oracle.com/errata/ELSA-2022-9227.html
https://nvd.nist.gov/vuln/detail/CVE-2021-46143
https://security.netapp.com/advisory/ntap-20220121-0006/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-22825 | HIGH | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22825
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22825.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22825
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-22826 | HIGH | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22826
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22826.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22826
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-22827 | HIGH | 2.4.1-r0 | 2.4.3-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22827
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22827.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22827
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
| | expat | CVE-2022-25314 | HIGH | 2.4.1-r0 | 2.4.5-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25314
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://github.com/libexpat/libexpat/pull/560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25314
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
| | expat | CVE-2022-25313 | MEDIUM | 2.4.1-r0 | 2.4.5-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25313
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
https://github.com/libexpat/libexpat/pull/558
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25313
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
https://www.oracle.com/security-alerts/cpuapr2022.html
| | git | CVE-2022-24765 | HIGH | 2.32.0-r0 | 2.32.1-r0 |
Expand...http://seclists.org/fulldisclosure/2022/May/31
http://www.openwall.com/lists/oss-security/2022/04/12/7
https://access.redhat.com/security/cve/CVE-2022-24765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode
https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
https://support.apple.com/kb/HT213261
https://ubuntu.com/security/notices/USN-5376-1
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-3
| | libcrypto1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | libcurl | CVE-2021-22945 | CRITICAL | 7.78.0-r0 | 7.79.0-r0 |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22945
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22945.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://hackerone.com/reports/1269242
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl | CVE-2021-22946 | HIGH | 7.78.0-r0 | 7.79.0-r0 |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22946
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22946.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://hackerone.com/reports/1334111
https://linux.oracle.com/cve/CVE-2021-22946.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl | CVE-2022-22576 | HIGH | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://hackerone.com/reports/1526328
https://nvd.nist.gov/vuln/detail/CVE-2022-22576
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27775 | HIGH | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://hackerone.com/reports/1546268
https://nvd.nist.gov/vuln/detail/CVE-2022-27775
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2021-22947 | MEDIUM | 7.78.0-r0 | 7.79.0-r0 |
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22947
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22947.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
https://hackerone.com/reports/1334763
https://launchpad.net/bugs/1944120 (regression bug)
https://linux.oracle.com/cve/CVE-2021-22947.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://ubuntu.com/security/notices/USN-5079-3
https://ubuntu.com/security/notices/USN-5079-4
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libcurl | CVE-2022-27774 | MEDIUM | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://hackerone.com/reports/1543773
https://nvd.nist.gov/vuln/detail/CVE-2022-27774
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | libcurl | CVE-2022-27776 | MEDIUM | 7.78.0-r0 | 7.79.1-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://hackerone.com/reports/1547048
https://nvd.nist.gov/vuln/detail/CVE-2022-27776
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
| | libressl | CVE-2022-0778 | HIGH | 3.3.3-r0 | 3.3.6-r0 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | libressl3.3-libcrypto | CVE-2022-0778 | HIGH | 3.3.3-r0 | 3.3.6-r0 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | libressl3.3-libssl | CVE-2022-0778 | HIGH | 3.3.3-r0 | 3.3.6-r0 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | libressl3.3-libtls | CVE-2022-0778 | HIGH | 3.3.3-r0 | 3.3.6-r0 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | libretls | CVE-2022-0778 | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | libxml2 | CVE-2022-23308 | HIGH | 2.9.12-r1 | 2.9.13-r0 |
Expand...http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/34
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/36
http://seclists.org/fulldisclosure/2022/May/37
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/security/cve/CVE-2022-23308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
https://linux.oracle.com/cve/CVE-2022-23308.html
https://linux.oracle.com/errata/ELSA-2022-0899.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
https://nvd.nist.gov/vuln/detail/CVE-2022-23308
https://security.netapp.com/advisory/ntap-20220331-0008/
https://support.apple.com/kb/HT213253
https://support.apple.com/kb/HT213254
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://support.apple.com/kb/HT213258
https://ubuntu.com/security/notices/USN-5324-1
https://ubuntu.com/security/notices/USN-5422-1
| | libxml2 | CVE-2022-29824 | MEDIUM | 2.9.12-r1 | 2.9.14-r0 |
Expand...http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html
https://access.redhat.com/security/cve/CVE-2022-29824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
https://gitlab.gnome.org/GNOME/libxslt/-/tags
https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
https://nvd.nist.gov/vuln/detail/CVE-2022-29824
https://ubuntu.com/security/notices/USN-5422-1
https://www.debian.org/security/2022/dsa-5142
| | openssl | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 |
Expand...http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
https://access.redhat.com/security/cve/CVE-2022-0778
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://errata.almalinux.org/8/ALSA-2022-1065.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9272.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://security.netapp.com/advisory/ntap-20220429-0005/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-06
https://www.tenable.com/security/tns-2022-07
https://www.tenable.com/security/tns-2022-08
https://www.tenable.com/security/tns-2022-09
| | pcre2 | CVE-2022-1586 | CRITICAL | 10.36-r0 | 10.36-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1586
https://bugzilla.redhat.com/show_bug.cgi?id=2077976,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,
https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
https://nvd.nist.gov/vuln/detail/CVE-2022-1586
| | pcre2 | CVE-2022-1587 | CRITICAL | 10.36-r0 | 10.36-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1587
https://bugzilla.redhat.com/show_bug.cgi?id=2077983,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587
https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
https://nvd.nist.gov/vuln/detail/CVE-2022-1587
| | php7 | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7 | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7 | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-common | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-common | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-common | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-curl | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-curl | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-curl | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-dom | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-dom | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-dom | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-json | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-json | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-json | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-mbstring | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-mbstring | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-mbstring | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-opcache | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-opcache | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-opcache | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-openssl | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-openssl | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-openssl | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-pcntl | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-pcntl | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-pcntl | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-pdo | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-pdo | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-pdo | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-pdo_sqlite | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-pdo_sqlite | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-pdo_sqlite | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-phar | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-phar | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-phar | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-posix | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-posix | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-posix | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-session | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-session | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-session | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-simplexml | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-simplexml | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-simplexml | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-sockets | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-sockets | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-sockets | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-xml | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-xml | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-xml | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | php7-zip | CVE-2021-21703 | HIGH | 7.4.23-r0 | 7.4.25-r0 |
Expand...http://www.openwall.com/lists/oss-security/2021/10/26/7
https://access.redhat.com/security/cve/CVE-2021-21703
https://bugs.php.net/bug.php?id=81026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
https://errata.almalinux.org/8/ALSA-2022-1935.html
https://github.com/php/php-src/commit/fadb1f8c1d08ae62b4f0a16917040fde57a3b93b
https://linux.oracle.com/cve/CVE-2021-21703.html
https://linux.oracle.com/errata/ELSA-2022-1935.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PZVLICZUJMXOGWOUWSBAEGIVTF6Y6V3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JO5RA6YOBGGGKLIA6F6BQRZDDECF5L3R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBM3KKB3RY2YPOKNMC4HIH7IH3T3WC74/
https://nvd.nist.gov/vuln/detail/CVE-2021-21703
https://security.netapp.com/advisory/ntap-20211118-0003/
https://ubuntu.com/security/notices/USN-5125-1
https://www.ambionics.io/blog/php-fpm-local-root
https://www.debian.org/security/2021/dsa-4992
https://www.debian.org/security/2021/dsa-4993
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
| | php7-zip | CVE-2021-21706 | MEDIUM | 7.4.23-r0 | 7.4.24-r0 |
Expand...https://bugs.php.net/bug.php?id=81420
https://security.netapp.com/advisory/ntap-20211029-0007/
| | php7-zip | CVE-2021-21707 | MEDIUM | 7.4.23-r0 | 7.4.26-r0 |
Expand...https://access.redhat.com/security/cve/CVE-2021-21707
https://bugs.php.net/bug.php?id=79971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
https://nvd.nist.gov/vuln/detail/CVE-2021-21707
https://security.netapp.com/advisory/ntap-20211223-0005/
https://ubuntu.com/security/notices/USN-5300-1
https://ubuntu.com/security/notices/USN-5300-2
https://ubuntu.com/security/notices/USN-5300-3
https://www.debian.org/security/2022/dsa-5082
https://www.tenable.com/security/tns-2022-09
| | ssl_client | CVE-2022-28391 | CRITICAL | 1.33.1-r3 | 1.33.1-r7 |
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
| | ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
| | ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42375
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
| | xz-libs | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 |
Expand...https://access.redhat.com/security/cve/CVE-2022-1271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
https://errata.almalinux.org/8/ALSA-2022-1537.html
https://linux.oracle.com/cve/CVE-2022-1271.html
https://linux.oracle.com/errata/ELSA-2022-5052.html
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
https://ubuntu.com/security/notices/USN-5378-1
https://ubuntu.com/security/notices/USN-5378-2
https://ubuntu.com/security/notices/USN-5378-3
https://ubuntu.com/security/notices/USN-5378-4
https://www.openwall.com/lists/oss-security/2022/04/07/8
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-2201.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://security.netapp.com/advisory/ntap-20220526-0009/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://ubuntu.com/security/notices/USN-5359-2
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
|