TrueChartsClone/charts/stable/minio-console/security.md

149 lines
103 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: minio-console/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;spec.securityContext.runAsGroup&#39;, &#39;spec.securityContext.supplementalGroups[*]&#39; and &#39;spec.securityContext.fsGroup&#39; to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/minio-console:v0.18.1@sha256:b3f107196a93f0a231081bf041d2d51e1f86c7fadf017152a3dc699c5de2177c
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://hackerone.com/reports/1546268">https://hackerone.com/reports/1546268</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://hackerone.com/reports/1546268">https://hackerone.com/reports/1546268</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-2201.html">https://errata.almalinux.org/8/ALSA-2022-2201.html</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2213.html">https://linux.oracle.com/errata/ELSA-2022-2213.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://security.netapp.com/advisory/ntap-20220526-0009/">https://security.netapp.com/advisory/ntap-20220526-0009/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: tccr.io/truecharts/minio-console:v0.18.1@sha256:b3f107196a93f0a231081bf041d2d51e1f86c7fadf017152a3dc699c5de2177c (redhat 8.6)
**redhat**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bzip2-libs | CVE-2019-12900 | LOW | 1.0.6-26.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html">http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html">http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html">http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html</a><br><a href="http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html">http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html</a><br><a href="http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html">http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12900">https://access.redhat.com/security/cve/CVE-2019-12900</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494">https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900</a><br><a href="https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc">https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc</a><br><a href="https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E">https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E">https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E">https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html">https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-12900">https://nvd.nist.gov/vuln/detail/CVE-2019-12900</a><br><a href="https://seclists.org/bugtraq/2019/Aug/4">https://seclists.org/bugtraq/2019/Aug/4</a><br><a href="https://seclists.org/bugtraq/2019/Jul/22">https://seclists.org/bugtraq/2019/Jul/22</a><br><a href="https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc">https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc</a><br><a href="https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp;amp;utm_medium=RSS">https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp;amp;utm_medium=RSS</a><br><a href="https://ubuntu.com/security/notices/USN-4038-1">https://ubuntu.com/security/notices/USN-4038-1</a><br><a href="https://ubuntu.com/security/notices/USN-4038-2">https://ubuntu.com/security/notices/USN-4038-2</a><br><a href="https://ubuntu.com/security/notices/USN-4038-3">https://ubuntu.com/security/notices/USN-4038-3</a><br><a href="https://ubuntu.com/security/notices/USN-4038-4">https://ubuntu.com/security/notices/USN-4038-4</a><br><a href="https://ubuntu.com/security/notices/USN-4146-1">https://ubuntu.com/security/notices/USN-4146-1</a><br><a href="https://ubuntu.com/security/notices/USN-4146-2">https://ubuntu.com/security/notices/USN-4146-2</a><br><a href="https://usn.ubuntu.com/4038-1/">https://usn.ubuntu.com/4038-1/</a><br><a href="https://usn.ubuntu.com/4038-2/">https://usn.ubuntu.com/4038-2/</a><br><a href="https://usn.ubuntu.com/4146-1/">https://usn.ubuntu.com/4146-1/</a><br><a href="https://usn.ubuntu.com/4146-2/">https://usn.ubuntu.com/4146-2/</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| curl | CVE-2022-22576 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27774 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27776 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27782 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27782">https://access.redhat.com/security/cve/CVE-2022-27782</a><br><a href="https://curl.se/docs/CVE-2022-27782.html">https://curl.se/docs/CVE-2022-27782.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782</a><br><a href="https://hackerone.com/reports/1555796">https://hackerone.com/reports/1555796</a><br><a href="https://ubuntu.com/security/notices/USN-5412-1">https://ubuntu.com/security/notices/USN-5412-1</a><br></details> |
| expat | CVE-2022-25314 | MEDIUM | 2.2.5-8.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25314">https://access.redhat.com/security/cve/CVE-2022-25314</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314</a><br><a href="https://github.com/libexpat/libexpat/pull/560">https://github.com/libexpat/libexpat/pull/560</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25314">https://nvd.nist.gov/vuln/detail/CVE-2022-25314</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5320-1">https://ubuntu.com/security/notices/USN-5320-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| file-libs | CVE-2019-8905 | LOW | 5.33-20.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html">http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html</a><br><a href="http://www.securityfocus.com/bid/107137">http://www.securityfocus.com/bid/107137</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-8905">https://access.redhat.com/security/cve/CVE-2019-8905</a><br><a href="https://bugs.astron.com/view.php?id=63">https://bugs.astron.com/view.php?id=63</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html">https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html</a><br><a href="https://ubuntu.com/security/notices/USN-3911-1">https://ubuntu.com/security/notices/USN-3911-1</a><br><a href="https://usn.ubuntu.com/3911-1/">https://usn.ubuntu.com/3911-1/</a><br></details> |
| file-libs | CVE-2019-8906 | LOW | 5.33-20.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html">http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-8906">https://access.redhat.com/security/cve/CVE-2019-8906</a><br><a href="https://bugs.astron.com/view.php?id=64">https://bugs.astron.com/view.php?id=64</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906</a><br><a href="https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f">https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f</a><br><a href="https://support.apple.com/kb/HT209599">https://support.apple.com/kb/HT209599</a><br><a href="https://support.apple.com/kb/HT209600">https://support.apple.com/kb/HT209600</a><br><a href="https://support.apple.com/kb/HT209601">https://support.apple.com/kb/HT209601</a><br><a href="https://support.apple.com/kb/HT209602">https://support.apple.com/kb/HT209602</a><br><a href="https://ubuntu.com/security/notices/USN-3911-1">https://ubuntu.com/security/notices/USN-3911-1</a><br><a href="https://usn.ubuntu.com/3911-1/">https://usn.ubuntu.com/3911-1/</a><br></details> |
| glib2 | CVE-2018-16428 | LOW | 2.56.4-158.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2020/02/14/3">http://www.openwall.com/lists/oss-security/2020/02/14/3</a><br><a href="http://www.securityfocus.com/bid/105210">http://www.securityfocus.com/bid/105210</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-16428">https://access.redhat.com/security/cve/CVE-2018-16428</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428</a><br><a href="https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9">https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9</a><br><a href="https://gitlab.gnome.org/GNOME/glib/issues/1364">https://gitlab.gnome.org/GNOME/glib/issues/1364</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html</a><br><a href="https://ubuntu.com/security/notices/USN-3767-1">https://ubuntu.com/security/notices/USN-3767-1</a><br><a href="https://ubuntu.com/security/notices/USN-3767-2">https://ubuntu.com/security/notices/USN-3767-2</a><br><a href="https://usn.ubuntu.com/3767-1/">https://usn.ubuntu.com/3767-1/</a><br><a href="https://usn.ubuntu.com/3767-2/">https://usn.ubuntu.com/3767-2/</a><br></details> |
| gmp | CVE-2021-43618 | LOW | 1:6.1.2-10.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-43618">https://access.redhat.com/security/cve/CVE-2021-43618</a><br><a href="https://bugs.debian.org/994405">https://bugs.debian.org/994405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618</a><br><a href="https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html">https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html</a><br><a href="https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e">https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43618">https://nvd.nist.gov/vuln/detail/CVE-2021-43618</a><br></details> |
| gnutls | CVE-2021-4209 | LOW | 3.6.16-4.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-4209">https://access.redhat.com/security/cve/CVE-2021-4209</a><br></details> |
| krb5-libs | CVE-2020-17049 | MEDIUM | 1.18.2-14.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/11/10/3">http://www.openwall.com/lists/oss-security/2021/11/10/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-17049">https://access.redhat.com/security/cve/CVE-2020-17049</a><br><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049</a><br><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049</a><br></details> |
| libarchive | CVE-2020-21674 | MEDIUM | 3.3.3-3.el8_5 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-21674">https://access.redhat.com/security/cve/CVE-2020-21674</a><br><a href="https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4">https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4</a><br><a href="https://github.com/libarchive/libarchive/issues/1298">https://github.com/libarchive/libarchive/issues/1298</a><br></details> |
| libarchive | CVE-2017-14166 | LOW | 3.3.3-3.el8_5 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2017/09/06/5">http://www.openwall.com/lists/oss-security/2017/09/06/5</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-14166">https://access.redhat.com/security/cve/CVE-2017-14166</a><br><a href="https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/">https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166</a><br><a href="https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71">https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71</a><br><a href="https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html">https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html</a><br><a href="https://security.gentoo.org/glsa/201908-11">https://security.gentoo.org/glsa/201908-11</a><br><a href="https://ubuntu.com/security/notices/USN-3736-1">https://ubuntu.com/security/notices/USN-3736-1</a><br><a href="https://usn.ubuntu.com/3736-1/">https://usn.ubuntu.com/3736-1/</a><br><a href="https://www.debian.org/security/2018/dsa-4360">https://www.debian.org/security/2018/dsa-4360</a><br></details> |
| libarchive | CVE-2017-14501 | LOW | 3.3.3-3.el8_5 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2017-14501">https://access.redhat.com/security/cve/CVE-2017-14501</a><br><a href="https://bugs.debian.org/875966">https://bugs.debian.org/875966</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501</a><br><a href="https://github.com/libarchive/libarchive/issues/949">https://github.com/libarchive/libarchive/issues/949</a><br><a href="https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html">https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html</a><br><a href="https://security.gentoo.org/glsa/201908-11">https://security.gentoo.org/glsa/201908-11</a><br><a href="https://ubuntu.com/security/notices/USN-3736-1">https://ubuntu.com/security/notices/USN-3736-1</a><br><a href="https://usn.ubuntu.com/3736-1/">https://usn.ubuntu.com/3736-1/</a><br><a href="https://www.debian.org/security/2018/dsa-4360">https://www.debian.org/security/2018/dsa-4360</a><br></details> |
| libarchive | CVE-2018-1000879 | LOW | 3.3.3-3.el8_5 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html</a><br><a href="http://www.securityfocus.com/bid/106324">http://www.securityfocus.com/bid/106324</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1000879">https://access.redhat.com/security/cve/CVE-2018-1000879</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909">https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909</a><br><a href="https://github.com/libarchive/libarchive/pull/1105">https://github.com/libarchive/libarchive/pull/1105</a><br><a href="https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175">https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/</a><br></details> |
| libarchive | CVE-2018-1000880 | LOW | 3.3.3-3.el8_5 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html</a><br><a href="http://www.securityfocus.com/bid/106324">http://www.securityfocus.com/bid/106324</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1000880">https://access.redhat.com/security/cve/CVE-2018-1000880</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909">https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880</a><br><a href="https://github.com/libarchive/libarchive/pull/1105">https://github.com/libarchive/libarchive/pull/1105</a><br><a href="https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680">https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/</a><br><a href="https://ubuntu.com/security/notices/USN-3859-1">https://ubuntu.com/security/notices/USN-3859-1</a><br><a href="https://usn.ubuntu.com/3859-1/">https://usn.ubuntu.com/3859-1/</a><br><a href="https://www.debian.org/security/2018/dsa-4360">https://www.debian.org/security/2018/dsa-4360</a><br></details> |
| libcom_err | CVE-2022-1304 | MEDIUM | 1.45.6-4.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1304">https://access.redhat.com/security/cve/CVE-2022-1304</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2069726">https://bugzilla.redhat.com/show_bug.cgi?id=2069726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304</a><br><a href="https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2">https://marc.info/?l=linux-ext4&amp;m=165056234501732&amp;w=2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1304">https://nvd.nist.gov/vuln/detail/CVE-2022-1304</a><br></details> |
| libcurl | CVE-2022-22576 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27774 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27776 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27782 | MEDIUM | 7.61.1-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27782">https://access.redhat.com/security/cve/CVE-2022-27782</a><br><a href="https://curl.se/docs/CVE-2022-27782.html">https://curl.se/docs/CVE-2022-27782.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782</a><br><a href="https://hackerone.com/reports/1555796">https://hackerone.com/reports/1555796</a><br><a href="https://ubuntu.com/security/notices/USN-5412-1">https://ubuntu.com/security/notices/USN-5412-1</a><br></details> |
| libgcc | CVE-2018-20673 | MEDIUM | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106454">http://www.securityfocus.com/bid/106454</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-20673">https://access.redhat.com/security/cve/CVE-2018-20673</a><br><a href="https://linux.oracle.com/cve/CVE-2018-20673.html">https://linux.oracle.com/cve/CVE-2018-20673.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4386.html">https://linux.oracle.com/errata/ELSA-2021-4386.html</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=24039">https://sourceware.org/bugzilla/show_bug.cgi?id=24039</a><br></details> |
| libgcc | CVE-2021-42694 | MEDIUM | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/11/01/1">http://www.openwall.com/lists/oss-security/2021/11/01/1</a><br><a href="http://www.openwall.com/lists/oss-security/2021/11/01/6">http://www.openwall.com/lists/oss-security/2021/11/01/6</a><br><a href="http://www.unicode.org/versions/Unicode14.0.0/">http://www.unicode.org/versions/Unicode14.0.0/</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-42694">https://access.redhat.com/security/cve/CVE-2021-42694</a><br><a href="https://cwe.mitre.org/data/definitions/1007.html">https://cwe.mitre.org/data/definitions/1007.html</a><br><a href="https://trojansource.codes">https://trojansource.codes</a><br><a href="https://trojansource.codes/">https://trojansource.codes/</a><br><a href="https://www.kb.cert.org/vuls/id/999008">https://www.kb.cert.org/vuls/id/999008</a><br><a href="https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/">https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/</a><br><a href="https://www.scyon.nl/post/trojans-in-your-source-code">https://www.scyon.nl/post/trojans-in-your-source-code</a><br><a href="https://www.unicode.org/reports/tr36/">https://www.unicode.org/reports/tr36/</a><br><a href="https://www.unicode.org/reports/tr36/#Canonical_Represenation">https://www.unicode.org/reports/tr36/#Canonical_Represenation</a><br><a href="https://www.unicode.org/reports/tr39/">https://www.unicode.org/reports/tr39/</a><br></details> |
| libgcc | CVE-2022-27943 | MEDIUM | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27943">https://access.redhat.com/security/cve/CVE-2022-27943</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=28995">https://sourceware.org/bugzilla/show_bug.cgi?id=28995</a><br></details> |
| libgcc | CVE-2018-20657 | LOW | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106444">http://www.securityfocus.com/bid/106444</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3352">https://access.redhat.com/errata/RHSA-2019:3352</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-20657">https://access.redhat.com/security/cve/CVE-2018-20657</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539</a><br><a href="https://linux.oracle.com/cve/CVE-2018-20657.html">https://linux.oracle.com/cve/CVE-2018-20657.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-3352.html">https://linux.oracle.com/errata/ELSA-2019-3352.html</a><br><a href="https://support.f5.com/csp/article/K62602089">https://support.f5.com/csp/article/K62602089</a><br></details> |
| libgcc | CVE-2019-14250 | LOW | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html">http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html">http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html</a><br><a href="http://www.securityfocus.com/bid/109354">http://www.securityfocus.com/bid/109354</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14250">https://access.redhat.com/security/cve/CVE-2019-14250</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924</a><br><a href="https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html">https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-14250">https://nvd.nist.gov/vuln/detail/CVE-2019-14250</a><br><a href="https://security.gentoo.org/glsa/202007-39">https://security.gentoo.org/glsa/202007-39</a><br><a href="https://security.netapp.com/advisory/ntap-20190822-0002/">https://security.netapp.com/advisory/ntap-20190822-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-4326-1">https://ubuntu.com/security/notices/USN-4326-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-1">https://ubuntu.com/security/notices/USN-4336-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-2">https://ubuntu.com/security/notices/USN-4336-2</a><br><a href="https://usn.ubuntu.com/4326-1/">https://usn.ubuntu.com/4326-1/</a><br><a href="https://usn.ubuntu.com/4336-1/">https://usn.ubuntu.com/4336-1/</a><br></details> |
| libgcrypt | CVE-2019-12904 | MEDIUM | 1.8.5-6.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12904">https://access.redhat.com/security/cve/CVE-2019-12904</a><br><a href="https://dev.gnupg.org/T4541">https://dev.gnupg.org/T4541</a><br><a href="https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020">https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020</a><br><a href="https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762">https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html">https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html</a><br></details> |
| libgcrypt | CVE-2021-40528 | MEDIUM | 1.8.5-6.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-40528">https://access.redhat.com/security/cve/CVE-2021-40528</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528</a><br><a href="https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13">https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13</a><br><a href="https://eprint.iacr.org/2021/923">https://eprint.iacr.org/2021/923</a><br><a href="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320">https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320</a><br><a href="https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1">https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1</a><br><a href="https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2">https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-40528">https://nvd.nist.gov/vuln/detail/CVE-2021-40528</a><br><a href="https://ubuntu.com/security/notices/USN-5080-1">https://ubuntu.com/security/notices/USN-5080-1</a><br><a href="https://ubuntu.com/security/notices/USN-5080-2">https://ubuntu.com/security/notices/USN-5080-2</a><br></details> |
| libsolv | CVE-2021-44568 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44568">https://access.redhat.com/security/cve/CVE-2021-44568</a><br><a href="https://github.com/openSUSE/libsolv/issues/425">https://github.com/openSUSE/libsolv/issues/425</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1940">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1940</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1995">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1995</a><br></details> |
| libsolv | CVE-2021-44569 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44569">https://access.redhat.com/security/cve/CVE-2021-44569</a><br><a href="https://github.com/openSUSE/libsolv/issues/423">https://github.com/openSUSE/libsolv/issues/423</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_solve-3445">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_solve-3445</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libsolv | CVE-2021-44570 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44570">https://access.redhat.com/security/cve/CVE-2021-44570</a><br><a href="https://github.com/openSUSE/libsolv/issues/424">https://github.com/openSUSE/libsolv/issues/424</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4286">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4286</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4305">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/solver_get_recommendations-4305</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libsolv | CVE-2021-44571 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44571">https://access.redhat.com/security/cve/CVE-2021-44571</a><br><a href="https://github.com/openSUSE/libsolv/issues/421">https://github.com/openSUSE/libsolv/issues/421</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-prefer_suggested-442">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-prefer_suggested-442</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libsolv | CVE-2021-44573 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44573">https://access.redhat.com/security/cve/CVE-2021-44573</a><br><a href="https://github.com/openSUSE/libsolv/issues/430">https://github.com/openSUSE/libsolv/issues/430</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1728">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1728</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1766">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1766</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libsolv | CVE-2021-44574 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44574">https://access.redhat.com/security/cve/CVE-2021-44574</a><br><a href="https://github.com/openSUSE/libsolv/issues/429">https://github.com/openSUSE/libsolv/issues/429</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_jobrules-1599">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_jobrules-1599</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libsolv | CVE-2021-44575 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44575">https://access.redhat.com/security/cve/CVE-2021-44575</a><br><a href="https://github.com/openSUSE/libsolv/issues/427">https://github.com/openSUSE/libsolv/issues/427</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/makeruledecisions-307">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/makeruledecisions-307</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/makeruledecisions_147">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/makeruledecisions_147</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libsolv | CVE-2021-44576 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44576">https://access.redhat.com/security/cve/CVE-2021-44576</a><br><a href="https://github.com/openSUSE/libsolv/issues/426">https://github.com/openSUSE/libsolv/issues/426</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_weak-2222">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_weak-2222</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_weak-2249">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_weak-2249</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libsolv | CVE-2021-44577 | MEDIUM | 0.7.20-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44577">https://access.redhat.com/security/cve/CVE-2021-44577</a><br><a href="https://github.com/openSUSE/libsolv/issues/428">https://github.com/openSUSE/libsolv/issues/428</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/propagate-490">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/propagate-490</a><br><a href="https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/propagate-524">https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/propagate-524</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/</a><br></details> |
| libstdc++ | CVE-2018-20673 | MEDIUM | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106454">http://www.securityfocus.com/bid/106454</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-20673">https://access.redhat.com/security/cve/CVE-2018-20673</a><br><a href="https://linux.oracle.com/cve/CVE-2018-20673.html">https://linux.oracle.com/cve/CVE-2018-20673.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4386.html">https://linux.oracle.com/errata/ELSA-2021-4386.html</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=24039">https://sourceware.org/bugzilla/show_bug.cgi?id=24039</a><br></details> |
| libstdc++ | CVE-2021-42694 | MEDIUM | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/11/01/1">http://www.openwall.com/lists/oss-security/2021/11/01/1</a><br><a href="http://www.openwall.com/lists/oss-security/2021/11/01/6">http://www.openwall.com/lists/oss-security/2021/11/01/6</a><br><a href="http://www.unicode.org/versions/Unicode14.0.0/">http://www.unicode.org/versions/Unicode14.0.0/</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-42694">https://access.redhat.com/security/cve/CVE-2021-42694</a><br><a href="https://cwe.mitre.org/data/definitions/1007.html">https://cwe.mitre.org/data/definitions/1007.html</a><br><a href="https://trojansource.codes">https://trojansource.codes</a><br><a href="https://trojansource.codes/">https://trojansource.codes/</a><br><a href="https://www.kb.cert.org/vuls/id/999008">https://www.kb.cert.org/vuls/id/999008</a><br><a href="https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/">https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/</a><br><a href="https://www.scyon.nl/post/trojans-in-your-source-code">https://www.scyon.nl/post/trojans-in-your-source-code</a><br><a href="https://www.unicode.org/reports/tr36/">https://www.unicode.org/reports/tr36/</a><br><a href="https://www.unicode.org/reports/tr36/#Canonical_Represenation">https://www.unicode.org/reports/tr36/#Canonical_Represenation</a><br><a href="https://www.unicode.org/reports/tr39/">https://www.unicode.org/reports/tr39/</a><br></details> |
| libstdc++ | CVE-2022-27943 | MEDIUM | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27943">https://access.redhat.com/security/cve/CVE-2022-27943</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=28995">https://sourceware.org/bugzilla/show_bug.cgi?id=28995</a><br></details> |
| libstdc++ | CVE-2018-20657 | LOW | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106444">http://www.securityfocus.com/bid/106444</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3352">https://access.redhat.com/errata/RHSA-2019:3352</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-20657">https://access.redhat.com/security/cve/CVE-2018-20657</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539</a><br><a href="https://linux.oracle.com/cve/CVE-2018-20657.html">https://linux.oracle.com/cve/CVE-2018-20657.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-3352.html">https://linux.oracle.com/errata/ELSA-2019-3352.html</a><br><a href="https://support.f5.com/csp/article/K62602089">https://support.f5.com/csp/article/K62602089</a><br></details> |
| libstdc++ | CVE-2019-14250 | LOW | 8.5.0-10.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html">http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html">http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html</a><br><a href="http://www.securityfocus.com/bid/109354">http://www.securityfocus.com/bid/109354</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14250">https://access.redhat.com/security/cve/CVE-2019-14250</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924</a><br><a href="https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html">https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-14250">https://nvd.nist.gov/vuln/detail/CVE-2019-14250</a><br><a href="https://security.gentoo.org/glsa/202007-39">https://security.gentoo.org/glsa/202007-39</a><br><a href="https://security.netapp.com/advisory/ntap-20190822-0002/">https://security.netapp.com/advisory/ntap-20190822-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-4326-1">https://ubuntu.com/security/notices/USN-4326-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-1">https://ubuntu.com/security/notices/USN-4336-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-2">https://ubuntu.com/security/notices/USN-4336-2</a><br><a href="https://usn.ubuntu.com/4326-1/">https://usn.ubuntu.com/4326-1/</a><br><a href="https://usn.ubuntu.com/4336-1/">https://usn.ubuntu.com/4336-1/</a><br></details> |
| libtasn1 | CVE-2018-1000654 | LOW | 4.13-3.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html">http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html">http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html</a><br><a href="http://www.securityfocus.com/bid/105151">http://www.securityfocus.com/bid/105151</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1000654">https://access.redhat.com/security/cve/CVE-2018-1000654</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654</a><br><a href="https://gitlab.com/gnutls/libtasn1/issues/4">https://gitlab.com/gnutls/libtasn1/issues/4</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://ubuntu.com/security/notices/USN-5352-1">https://ubuntu.com/security/notices/USN-5352-1</a><br></details> |
| libxml2 | CVE-2022-29824 | MEDIUM | 2.9.7-13.el8 | | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html">http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-29824">https://access.redhat.com/security/cve/CVE-2022-29824</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14</a><br><a href="https://gitlab.gnome.org/GNOME/libxslt/-/tags">https://gitlab.gnome.org/GNOME/libxslt/-/tags</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29824">https://nvd.nist.gov/vuln/detail/CVE-2022-29824</a><br><a href="https://ubuntu.com/security/notices/USN-5422-1">https://ubuntu.com/security/notices/USN-5422-1</a><br><a href="https://www.debian.org/security/2022/dsa-5142">https://www.debian.org/security/2022/dsa-5142</a><br></details> |
| libzstd | CVE-2021-24032 | LOW | 1.4.4-1.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-24032">https://access.redhat.com/security/cve/CVE-2021-24032</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032</a><br><a href="https://github.com/facebook/zstd/issues/2491">https://github.com/facebook/zstd/issues/2491</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-24032">https://nvd.nist.gov/vuln/detail/CVE-2021-24032</a><br><a href="https://ubuntu.com/security/notices/USN-4760-1">https://ubuntu.com/security/notices/USN-4760-1</a><br><a href="https://www.facebook.com/security/advisories/cve-2021-24032">https://www.facebook.com/security/advisories/cve-2021-24032</a><br></details> |
| lz4-libs | CVE-2019-17543 | MEDIUM | 1.8.3-3.el8_4 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17543">https://access.redhat.com/security/cve/CVE-2019-17543</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941</a><br><a href="https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2">https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2</a><br><a href="https://github.com/lz4/lz4/issues/801">https://github.com/lz4/lz4/issues/801</a><br><a href="https://github.com/lz4/lz4/pull/756">https://github.com/lz4/lz4/pull/756</a><br><a href="https://github.com/lz4/lz4/pull/760">https://github.com/lz4/lz4/pull/760</a><br><a href="https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E">https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| ncurses-base | CVE-2021-39537 | MEDIUM | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup">http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-39537">https://access.redhat.com/security/cve/CVE-2021-39537</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html">https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html">https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-39537">https://nvd.nist.gov/vuln/detail/CVE-2021-39537</a><br></details> |
| ncurses-base | CVE-2018-19211 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-19211">https://access.redhat.com/security/cve/CVE-2018-19211</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643754">https://bugzilla.redhat.com/show_bug.cgi?id=1643754</a><br></details> |
| ncurses-base | CVE-2018-19217 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-19217">https://access.redhat.com/security/cve/CVE-2018-19217</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643753">https://bugzilla.redhat.com/show_bug.cgi?id=1643753</a><br></details> |
| ncurses-libs | CVE-2021-39537 | MEDIUM | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup">http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-39537">https://access.redhat.com/security/cve/CVE-2021-39537</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html">https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html">https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-39537">https://nvd.nist.gov/vuln/detail/CVE-2021-39537</a><br></details> |
| ncurses-libs | CVE-2018-19211 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-19211">https://access.redhat.com/security/cve/CVE-2018-19211</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643754">https://bugzilla.redhat.com/show_bug.cgi?id=1643754</a><br></details> |
| ncurses-libs | CVE-2018-19217 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-19217">https://access.redhat.com/security/cve/CVE-2018-19217</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643753">https://bugzilla.redhat.com/show_bug.cgi?id=1643753</a><br></details> |
| openldap | CVE-2022-29155 | MEDIUM | 2.4.46-18.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29155">https://access.redhat.com/security/cve/CVE-2022-29155</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29155">https://nvd.nist.gov/vuln/detail/CVE-2022-29155</a><br><a href="https://ubuntu.com/security/notices/USN-5424-1">https://ubuntu.com/security/notices/USN-5424-1</a><br><a href="https://ubuntu.com/security/notices/USN-5424-2">https://ubuntu.com/security/notices/USN-5424-2</a><br><a href="https://www.debian.org/security/2022/dsa-5140">https://www.debian.org/security/2022/dsa-5140</a><br></details> |
| openssl-libs | CVE-2022-1292 | MEDIUM | 1:1.1.1k-6.el8_5 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1292">https://nvd.nist.gov/vuln/detail/CVE-2022-1292</a><br><a href="https://security.netapp.com/advisory/ntap-20220602-0009/">https://security.netapp.com/advisory/ntap-20220602-0009/</a><br><a href="https://ubuntu.com/security/notices/USN-5402-1">https://ubuntu.com/security/notices/USN-5402-1</a><br><a href="https://ubuntu.com/security/notices/USN-5402-2">https://ubuntu.com/security/notices/USN-5402-2</a><br><a href="https://www.debian.org/security/2022/dsa-5139">https://www.debian.org/security/2022/dsa-5139</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details> |
| openssl-libs | CVE-2022-1434 | MEDIUM | 1:1.1.1k-6.el8_5 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1434">https://access.redhat.com/security/cve/CVE-2022-1434</a><br><a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1434">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1434</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7d56a74a96828985db7354a55227a511615f732b">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7d56a74a96828985db7354a55227a511615f732b</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0026.html">https://rustsec.org/advisories/RUSTSEC-2022-0026.html</a><br><a href="https://security.netapp.com/advisory/ntap-20220602-0009/">https://security.netapp.com/advisory/ntap-20220602-0009/</a><br><a href="https://ubuntu.com/security/notices/USN-5402-1">https://ubuntu.com/security/notices/USN-5402-1</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details> |
| pcre2 | CVE-2022-1586 | MEDIUM | 10.32-2.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1586">https://access.redhat.com/security/cve/CVE-2022-1586</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077976,">https://bugzilla.redhat.com/show_bug.cgi?id=2077976,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,">https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c">https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1586">https://nvd.nist.gov/vuln/detail/CVE-2022-1586</a><br></details> |
| platform-python-pip | CVE-2018-20225 | LOW | 9.0.3-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-20225">https://access.redhat.com/security/cve/CVE-2018-20225</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1835736">https://bugzilla.redhat.com/show_bug.cgi?id=1835736</a><br><a href="https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html">https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html</a><br><a href="https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E">https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-20225">https://nvd.nist.gov/vuln/detail/CVE-2018-20225</a><br><a href="https://pip.pypa.io/en/stable/news/">https://pip.pypa.io/en/stable/news/</a><br></details> |
| python3-pip-wheel | CVE-2018-20225 | LOW | 9.0.3-22.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-20225">https://access.redhat.com/security/cve/CVE-2018-20225</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1835736">https://bugzilla.redhat.com/show_bug.cgi?id=1835736</a><br><a href="https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html">https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html</a><br><a href="https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E">https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-20225">https://nvd.nist.gov/vuln/detail/CVE-2018-20225</a><br><a href="https://pip.pypa.io/en/stable/news/">https://pip.pypa.io/en/stable/news/</a><br></details> |
| rpm | CVE-2021-35937 | MEDIUM | 4.14.3-23.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-35937">https://access.redhat.com/security/cve/CVE-2021-35937</a><br></details> |
| rpm | CVE-2021-35938 | MEDIUM | 4.14.3-23.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-35938">https://access.redhat.com/security/cve/CVE-2021-35938</a><br></details> |
| rpm | CVE-2021-35939 | MEDIUM | 4.14.3-23.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-35939">https://access.redhat.com/security/cve/CVE-2021-35939</a><br></details> |
| rpm-libs | CVE-2021-35937 | MEDIUM | 4.14.3-23.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-35937">https://access.redhat.com/security/cve/CVE-2021-35937</a><br></details> |
| rpm-libs | CVE-2021-35938 | MEDIUM | 4.14.3-23.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-35938">https://access.redhat.com/security/cve/CVE-2021-35938</a><br></details> |
| rpm-libs | CVE-2021-35939 | MEDIUM | 4.14.3-23.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-35939">https://access.redhat.com/security/cve/CVE-2021-35939</a><br></details> |
| sqlite-libs | CVE-2019-19244 | LOW | 3.26.0-15.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-19244">https://access.redhat.com/security/cve/CVE-2019-19244</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244</a><br><a href="https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348">https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348</a><br><a href="https://ubuntu.com/security/notices/USN-4205-1">https://ubuntu.com/security/notices/USN-4205-1</a><br><a href="https://usn.ubuntu.com/4205-1/">https://usn.ubuntu.com/4205-1/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br></details> |
| sqlite-libs | CVE-2019-9936 | LOW | 3.26.0-15.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html</a><br><a href="http://www.securityfocus.com/bid/107562">http://www.securityfocus.com/bid/107562</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-9936">https://access.redhat.com/security/cve/CVE-2019-9936</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html">https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/</a><br><a href="https://security.gentoo.org/glsa/201908-09">https://security.gentoo.org/glsa/201908-09</a><br><a href="https://security.netapp.com/advisory/ntap-20190416-0005/">https://security.netapp.com/advisory/ntap-20190416-0005/</a><br><a href="https://sqlite.org/src/info/b3fa58dd7403dbd4">https://sqlite.org/src/info/b3fa58dd7403dbd4</a><br><a href="https://ubuntu.com/security/notices/USN-4019-1">https://ubuntu.com/security/notices/USN-4019-1</a><br><a href="https://usn.ubuntu.com/4019-1/">https://usn.ubuntu.com/4019-1/</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| sqlite-libs | CVE-2019-9937 | LOW | 3.26.0-15.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html</a><br><a href="http://www.securityfocus.com/bid/107562">http://www.securityfocus.com/bid/107562</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-9937">https://access.redhat.com/security/cve/CVE-2019-9937</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html">https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/</a><br><a href="https://security.gentoo.org/glsa/201908-09">https://security.gentoo.org/glsa/201908-09</a><br><a href="https://security.netapp.com/advisory/ntap-20190416-0005/">https://security.netapp.com/advisory/ntap-20190416-0005/</a><br><a href="https://sqlite.org/src/info/45c73deb440496e8">https://sqlite.org/src/info/45c73deb440496e8</a><br><a href="https://ubuntu.com/security/notices/USN-4019-1">https://ubuntu.com/security/notices/USN-4019-1</a><br><a href="https://usn.ubuntu.com/4019-1/">https://usn.ubuntu.com/4019-1/</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| systemd-libs | CVE-2018-20839 | MEDIUM | 239-58.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/108389">http://www.securityfocus.com/bid/108389</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-20839">https://access.redhat.com/security/cve/CVE-2018-20839</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993">https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993</a><br><a href="https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f">https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f</a><br><a href="https://github.com/systemd/systemd/pull/12378">https://github.com/systemd/systemd/pull/12378</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.netapp.com/advisory/ntap-20190530-0002/">https://security.netapp.com/advisory/ntap-20190530-0002/</a><br></details> |
| systemd-libs | CVE-2021-3997 | MEDIUM | 239-58.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3997">https://access.redhat.com/security/cve/CVE-2021-3997</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997</a><br><a href="https://ubuntu.com/security/notices/USN-5226-1">https://ubuntu.com/security/notices/USN-5226-1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/01/10/2">https://www.openwall.com/lists/oss-security/2022/01/10/2</a><br></details> |
| xz-libs | CVE-2022-1271 | HIGH | 5.2.4-3.el8 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1271">https://access.redhat.com/security/cve/CVE-2022-1271</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1537.html">https://errata.almalinux.org/8/ALSA-2022-1537.html</a><br><a href="https://linux.oracle.com/cve/CVE-2022-1271.html">https://linux.oracle.com/cve/CVE-2022-1271.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2191.html">https://linux.oracle.com/errata/ELSA-2022-2191.html</a><br><a href="https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html">https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html</a><br><a href="https://ubuntu.com/security/notices/USN-5378-1">https://ubuntu.com/security/notices/USN-5378-1</a><br><a href="https://ubuntu.com/security/notices/USN-5378-2">https://ubuntu.com/security/notices/USN-5378-2</a><br><a href="https://ubuntu.com/security/notices/USN-5378-3">https://ubuntu.com/security/notices/USN-5378-3</a><br><a href="https://ubuntu.com/security/notices/USN-5378-4">https://ubuntu.com/security/notices/USN-5378-4</a><br><a href="https://www.openwall.com/lists/oss-security/2022/04/07/8">https://www.openwall.com/lists/oss-security/2022/04/07/8</a><br></details> |
**gobinary**
| No Vulnerabilities found |
|:---------------------------------|