Security Overview

Helm-Chart

Scan Results

Chart Object: owncast/templates/common.yaml

Type	Misconfiguration ID	Check	Severity	Explaination	Links
Kubernetes Security Check	KSV003	Default capabilities not dropped	LOW	Expand... The container should drop all default capabilities and add only those that are needed for its execution. Container 'RELEASE-NAME-owncast' of Deployment 'RELEASE-NAME-owncast' should add 'ALL' to 'securityContext.capabilities.drop'	Expand... https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/ https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check	KSV012	Runs as root user	MEDIUM	Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. Container 'RELEASE-NAME-owncast' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.runAsNonRoot' to true	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check	KSV012	Runs as root user	MEDIUM	Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. Container 'autopermissions' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.runAsNonRoot' to true	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check	KSV013	Image tag ':latest' used	LOW	Expand... It is best to avoid using the ':latest' image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. Container 'RELEASE-NAME-owncast' of Deployment 'RELEASE-NAME-owncast' should specify an image tag	Expand... https://kubernetes.io/docs/concepts/configuration/overview/#container-images https://avd.aquasec.com/appshield/ksv013
Kubernetes Security Check	KSV013	Image tag ':latest' used	LOW	Expand... It is best to avoid using the ':latest' image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. Container 'autopermissions' of Deployment 'RELEASE-NAME-owncast' should specify an image tag	Expand... https://kubernetes.io/docs/concepts/configuration/overview/#container-images https://avd.aquasec.com/appshield/ksv013
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'RELEASE-NAME-owncast' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'autopermissions' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV019	Seccomp policies disabled	MEDIUM	Expand... A program inside the container can bypass Seccomp protection policies. Container 'RELEASE-NAME-owncast' of Deployment 'RELEASE-NAME-owncast' should specify a seccomp profile	Expand... https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/ https://avd.aquasec.com/appshield/ksv019
Kubernetes Security Check	KSV019	Seccomp policies disabled	MEDIUM	Expand... A program inside the container can bypass Seccomp protection policies. Container 'autopermissions' of Deployment 'RELEASE-NAME-owncast' should specify a seccomp profile	Expand... https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/ https://avd.aquasec.com/appshield/ksv019
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-owncast' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-owncast' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-owncast' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV029	A root primary or supplementary GID set	LOW	Expand... Containers should be forbidden from running with a root primary or supplementary GID. Deployment 'RELEASE-NAME-owncast' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv029

Containers

Detected Containers

      tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
      tccr.io/truecharts/owncast:v0.0.10@sha256:7fe3fdf3caea1808b8e0bc163bcaf28e6aacb6df65940c692f9209e2cf765f3e

Scan Results

Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)

alpine

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
busybox	CVE-2021-42378	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42379	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42380	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42381	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42382	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42383	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
busybox	CVE-2021-42384	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42385	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42386	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42374	MEDIUM	1.33.1-r3	1.33.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42375	MEDIUM	1.33.1-r3	1.33.1-r5	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
ssl_client	CVE-2021-42378	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42379	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42380	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42381	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42382	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42383	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
ssl_client	CVE-2021-42384	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42385	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42386	HIGH	1.33.1-r3	1.33.1-r6	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42374	MEDIUM	1.33.1-r3	1.33.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42375	MEDIUM	1.33.1-r3	1.33.1-r5	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

Container: tccr.io/truecharts/owncast:v0.0.10@sha256:7fe3fdf3caea1808b8e0bc163bcaf28e6aacb6df65940c692f9209e2cf765f3e (alpine 3.12.0)

alpine

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
apk-tools	CVE-2021-36159	CRITICAL	2.10.5-r1	2.10.7-r0	Expand... https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749 https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
apk-tools	CVE-2021-30139	HIGH	2.10.5-r1	2.10.6-r0	Expand... https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741 https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606
busybox	CVE-2021-28831	HIGH	1.31.1-r16	1.32.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831 https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/ https://security.gentoo.org/glsa/202105-09 https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42378	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42379	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42380	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42381	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42382	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42383	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
busybox	CVE-2021-42384	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42385	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42386	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
busybox	CVE-2021-42374	MEDIUM	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
libcrypto1.1	CVE-2021-3711	CRITICAL	1.1.1g-r0	1.1.1l-r0	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://security.netapp.com/advisory/ntap-20210827-0010/ https://security.netapp.com/advisory/ntap-20211022-0003/ https://ubuntu.com/security/notices/USN-5051-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
libcrypto1.1	CVE-2021-23840	HIGH	1.1.1g-r0	1.1.1j-r0	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://linux.oracle.com/cve/CVE-2021-23840.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libcrypto1.1	CVE-2021-3450	HIGH	1.1.1g-r0	1.1.1k-r0	Expand... http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://linux.oracle.com/cve/CVE-2021-3450.html https://linux.oracle.com/errata/ELSA-2021-9151.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-08 https://www.tenable.com/security/tns-2021-09
libcrypto1.1	CVE-2021-3712	HIGH	1.1.1g-r0	1.1.1l-r0	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html https://security.netapp.com/advisory/ntap-20210827-0010/ https://ubuntu.com/security/notices/USN-5051-1 https://ubuntu.com/security/notices/USN-5051-2 https://ubuntu.com/security/notices/USN-5051-3 https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm) https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
libcrypto1.1	CVE-2020-1971	MEDIUM	1.1.1g-r0	1.1.1i-r0	Expand... http://www.openwall.com/lists/oss-security/2021/09/14/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676 https://linux.oracle.com/cve/CVE-2020-1971.html https://linux.oracle.com/errata/ELSA-2021-9150.html https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/ https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc https://security.gentoo.org/glsa/202012-13 https://security.netapp.com/advisory/ntap-20201218-0005/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://ubuntu.com/security/notices/USN-4662-1 https://ubuntu.com/security/notices/USN-4745-1 https://www.debian.org/security/2020/dsa-4807 https://www.openssl.org/news/secadv/20201208.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2020-11 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libcrypto1.1	CVE-2021-23841	MEDIUM	1.1.1g-r0	1.1.1j-r0	Expand... http://seclists.org/fulldisclosure/2021/May/67 http://seclists.org/fulldisclosure/2021/May/68 http://seclists.org/fulldisclosure/2021/May/70 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://linux.oracle.com/cve/CVE-2021-23841.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://support.apple.com/kb/HT212528 https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212534 https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-4745-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09
libcrypto1.1	CVE-2021-3449	MEDIUM	1.1.1g-r0	1.1.1k-r0	Expand... http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://linux.oracle.com/cve/CVE-2021-3449.html https://linux.oracle.com/errata/ELSA-2021-9151.html https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://ubuntu.com/security/notices/USN-4891-1 https://ubuntu.com/security/notices/USN-5038-1 https://www.debian.org/security/2021/dsa-4875 https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-06 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libcrypto1.1	CVE-2021-23839	LOW	1.1.1g-r0	1.1.1j-r0	Expand... https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://security.netapp.com/advisory/ntap-20210219-0009/ https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
libssl1.1	CVE-2021-3711	CRITICAL	1.1.1g-r0	1.1.1l-r0	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://security.netapp.com/advisory/ntap-20210827-0010/ https://security.netapp.com/advisory/ntap-20211022-0003/ https://ubuntu.com/security/notices/USN-5051-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
libssl1.1	CVE-2021-23840	HIGH	1.1.1g-r0	1.1.1j-r0	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://linux.oracle.com/cve/CVE-2021-23840.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libssl1.1	CVE-2021-3450	HIGH	1.1.1g-r0	1.1.1k-r0	Expand... http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://linux.oracle.com/cve/CVE-2021-3450.html https://linux.oracle.com/errata/ELSA-2021-9151.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-08 https://www.tenable.com/security/tns-2021-09
libssl1.1	CVE-2021-3712	HIGH	1.1.1g-r0	1.1.1l-r0	Expand... http://www.openwall.com/lists/oss-security/2021/08/26/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html https://security.netapp.com/advisory/ntap-20210827-0010/ https://ubuntu.com/security/notices/USN-5051-1 https://ubuntu.com/security/notices/USN-5051-2 https://ubuntu.com/security/notices/USN-5051-3 https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm) https://ubuntu.com/security/notices/USN-5088-1 https://www.debian.org/security/2021/dsa-4963 https://www.openssl.org/news/secadv/20210824.txt https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-16
libssl1.1	CVE-2020-1971	MEDIUM	1.1.1g-r0	1.1.1i-r0	Expand... http://www.openwall.com/lists/oss-security/2021/09/14/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676 https://linux.oracle.com/cve/CVE-2020-1971.html https://linux.oracle.com/errata/ELSA-2021-9150.html https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/ https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc https://security.gentoo.org/glsa/202012-13 https://security.netapp.com/advisory/ntap-20201218-0005/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://ubuntu.com/security/notices/USN-4662-1 https://ubuntu.com/security/notices/USN-4745-1 https://www.debian.org/security/2020/dsa-4807 https://www.openssl.org/news/secadv/20201208.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2020-11 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libssl1.1	CVE-2021-23841	MEDIUM	1.1.1g-r0	1.1.1j-r0	Expand... http://seclists.org/fulldisclosure/2021/May/67 http://seclists.org/fulldisclosure/2021/May/68 http://seclists.org/fulldisclosure/2021/May/70 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://linux.oracle.com/cve/CVE-2021-23841.html https://linux.oracle.com/errata/ELSA-2021-9561.html https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210219-0009/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://support.apple.com/kb/HT212528 https://support.apple.com/kb/HT212529 https://support.apple.com/kb/HT212534 https://ubuntu.com/security/notices/USN-4738-1 https://ubuntu.com/security/notices/USN-4745-1 https://www.debian.org/security/2021/dsa-4855 https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-03 https://www.tenable.com/security/tns-2021-09
libssl1.1	CVE-2021-3449	MEDIUM	1.1.1g-r0	1.1.1k-r0	Expand... http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://linux.oracle.com/cve/CVE-2021-3449.html https://linux.oracle.com/errata/ELSA-2021-9151.html https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://ubuntu.com/security/notices/USN-4891-1 https://ubuntu.com/security/notices/USN-5038-1 https://www.debian.org/security/2021/dsa-4875 https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-06 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10
libssl1.1	CVE-2021-23839	LOW	1.1.1g-r0	1.1.1j-r0	Expand... https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30919ab80a478f2d81f2e9acdcca3fa4740cd547 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://security.netapp.com/advisory/ntap-20210219-0009/ https://www.openssl.org/news/secadv/20210216.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
libx11	CVE-2021-31535	CRITICAL	1.6.12-r0	1.6.12-r1	Expand... http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html http://seclists.org/fulldisclosure/2021/May/52 http://www.openwall.com/lists/oss-security/2021/05/18/2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31535 https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605 https://linux.oracle.com/cve/CVE-2021-31535.html https://linux.oracle.com/errata/ELSA-2021-4326.html https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/05/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEOT4RLB76RVPJQKGGTIKTBIOLHX2NR6/ https://lists.freedesktop.org/archives/xorg/ https://lists.x.org/archives/xorg-announce/2021-May/003088.html https://security.gentoo.org/glsa/202105-16 https://security.netapp.com/advisory/ntap-20210813-0001/ https://ubuntu.com/security/notices/USN-4966-1 https://ubuntu.com/security/notices/USN-4966-2 https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/ https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt https://www.debian.org/security/2021/dsa-4920 https://www.openwall.com/lists/oss-security/2021/05/18/2 https://www.openwall.com/lists/oss-security/2021/05/18/3
musl	CVE-2020-28928	MEDIUM	1.1.24-r8	1.1.24-r10	Expand... http://www.openwall.com/lists/oss-security/2020/11/20/4 https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/ https://musl.libc.org/releases.html https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
musl-utils	CVE-2020-28928	MEDIUM	1.1.24-r8	1.1.24-r10	Expand... http://www.openwall.com/lists/oss-security/2020/11/20/4 https://lists.apache.org/thread.html/r2134abfe847bea7795f0e53756d10a47e6643f35ab8169df8b8a9eb1@%3Cnotifications.apisix.apache.org%3E https://lists.apache.org/thread.html/r90b60cf49348e515257b4950900c1bd3ab95a960cf2469d919c7264e@%3Cnotifications.apisix.apache.org%3E https://lists.apache.org/thread.html/ra63e8dc5137d952afc55dbbfa63be83304ecf842d1eab1ff3ebb29e2@%3Cnotifications.apisix.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/11/msg00050.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/ https://musl.libc.org/releases.html https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html
ncurses-libs	CVE-2021-39537	HIGH	6.2_p20200523-r0	6.2_p20200523-r1	Expand... http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
ncurses-terminfo-base	CVE-2021-39537	HIGH	6.2_p20200523-r0	6.2_p20200523-r1	Expand... http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
ssl_client	CVE-2021-28831	HIGH	1.31.1-r16	1.32.1-r4	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831 https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/ https://security.gentoo.org/glsa/202105-09 https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42378	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42379	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42380	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42381	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42382	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42383	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
ssl_client	CVE-2021-42384	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42385	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42386	HIGH	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1
ssl_client	CVE-2021-42374	MEDIUM	1.31.1-r16	1.31.1-r21	Expand... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374 https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://ubuntu.com/security/notices/USN-5179-1

gobinary

No Vulnerabilities found

120 KiB Raw Blame History Unescape Escape

Security Overview

Helm-Chart

Scan Results

Chart Object: owncast/templates/common.yaml

Containers

Detected Containers

Scan Results

Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)

Container: tccr.io/truecharts/owncast:v0.0.10@sha256:7fe3fdf3caea1808b8e0bc163bcaf28e6aacb6df65940c692f9209e2cf765f3e (alpine 3.12.0)

120 KiB

Raw Blame History