Security Overview

Helm-Chart

Scan Results

Chart Object: promcord/templates/common.yaml

Type	Misconfiguration ID	Check	Severity	Explaination	Links
Kubernetes Security Check	KSV001	Process can elevate its own privileges	MEDIUM	Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.allowPrivilegeEscalation' to false	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv001
Kubernetes Security Check	KSV003	Default capabilities not dropped	LOW	Expand... The container should drop all default capabilities and add only those that are needed for its execution. Container 'RELEASE-NAME-promcord' of Deployment 'RELEASE-NAME-promcord' should add 'ALL' to 'securityContext.capabilities.drop'	Expand... https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/ https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check	KSV003	Default capabilities not dropped	LOW	Expand... The container should drop all default capabilities and add only those that are needed for its execution. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should add 'ALL' to 'securityContext.capabilities.drop'	Expand... https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/ https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check	KSV011	CPU not limited	LOW	Expand... Enforcing CPU limits prevents DoS via resource exhaustion. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'resources.limits.cpu'	Expand... https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits https://avd.aquasec.com/appshield/ksv011
Kubernetes Security Check	KSV012	Runs as root user	MEDIUM	Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. Container 'autopermissions' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsNonRoot' to true	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check	KSV012	Runs as root user	MEDIUM	Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsNonRoot' to true	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'autopermissions' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV014	Root file system is not read-only	LOW	Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.readOnlyRootFilesystem' to true	Expand... https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/ https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check	KSV015	CPU requests not specified	LOW	Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'resources.requests.cpu'	Expand... https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits https://avd.aquasec.com/appshield/ksv015
Kubernetes Security Check	KSV016	Memory requests not specified	LOW	Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'resources.requests.memory'	Expand... https://kubesec.io/basics/containers-resources-limits-memory/ https://avd.aquasec.com/appshield/ksv016
Kubernetes Security Check	KSV017	Privileged container	HIGH	Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.privileged' to false	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline https://avd.aquasec.com/appshield/ksv017
Kubernetes Security Check	KSV018	Memory not limited	LOW	Expand... Enforcing memory limits prevents DoS via resource exhaustion. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'resources.limits.memory'	Expand... https://kubesec.io/basics/containers-resources-limits-memory/ https://avd.aquasec.com/appshield/ksv018
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-promcord' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV020	Runs with low user ID	MEDIUM	Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsUser' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'RELEASE-NAME-promcord' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'autopermissions' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV021	Runs with low group ID	MEDIUM	Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. Container 'hostpatch' of Deployment 'RELEASE-NAME-promcord' should set 'securityContext.runAsGroup' > 10000	Expand... https://kubesec.io/basics/containers-securitycontext-runasuser/ https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check	KSV023	hostPath volumes mounted	MEDIUM	Expand... HostPath volumes must be forbidden. Deployment 'RELEASE-NAME-promcord' should not set 'spec.template.volumes.hostPath'	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline https://avd.aquasec.com/appshield/ksv023
Kubernetes Security Check	KSV029	A root primary or supplementary GID set	LOW	Expand... Containers should be forbidden from running with a root primary or supplementary GID. Deployment 'RELEASE-NAME-promcord' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0	Expand... https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted https://avd.aquasec.com/appshield/ksv029

Containers

Detected Containers

      tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
      tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
      tccr.io/truecharts/promcord:latest@sha256:ba9bee8d89b3ce86ca55d1bd29e13deb31f73a004991b17d8d80c73f2cc1c03c

Scan Results

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

alpine

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
busybox	CVE-2022-28391	CRITICAL	1.34.1-r4	1.34.1-r5	Expand... https://access.redhat.com/security/cve/CVE-2022-28391 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391 https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661 https://nvd.nist.gov/vuln/detail/CVE-2022-28391
curl	CVE-2022-22576	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-22576 https://curl.se/docs/CVE-2022-22576.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576 https://ubuntu.com/security/notices/USN-5397-1
curl	CVE-2022-27774	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27774 https://curl.se/docs/CVE-2022-27774.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774 https://ubuntu.com/security/notices/USN-5397-1
curl	CVE-2022-27776	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27776 https://curl.se/docs/CVE-2022-27776.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776 https://ubuntu.com/security/notices/USN-5397-1
curl	CVE-2022-27775	LOW	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27775 https://curl.se/docs/CVE-2022-27775.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-22576	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-22576 https://curl.se/docs/CVE-2022-22576.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-27774	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27774 https://curl.se/docs/CVE-2022-27774.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-27776	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27776 https://curl.se/docs/CVE-2022-27776.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-27775	LOW	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27775 https://curl.se/docs/CVE-2022-27775.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775 https://ubuntu.com/security/notices/USN-5397-1
ssl_client	CVE-2022-28391	CRITICAL	1.34.1-r4	1.34.1-r5	Expand... https://access.redhat.com/security/cve/CVE-2022-28391 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391 https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661 https://nvd.nist.gov/vuln/detail/CVE-2022-28391
zlib	CVE-2018-25032	HIGH	1.2.11-r3	1.2.12-r0	Expand... http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/25/2 http://www.openwall.com/lists/oss-security/2022/03/26/1 https://access.redhat.com/security/cve/CVE-2018-25032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 https://errata.almalinux.org/8/ALSA-2022-1642.html https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531 https://github.com/madler/zlib/compare/v1.2.11...v1.2.12 https://github.com/madler/zlib/issues/605 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4 https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5 https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ https://linux.oracle.com/cve/CVE-2018-25032.html https://linux.oracle.com/errata/ELSA-2022-2213.html https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/ https://nvd.nist.gov/vuln/detail/CVE-2018-25032 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://ubuntu.com/security/notices/USN-5355-1 https://ubuntu.com/security/notices/USN-5355-2 https://ubuntu.com/security/notices/USN-5359-1 https://www.debian.org/security/2022/dsa-5111 https://www.openwall.com/lists/oss-security/2022/03/24/1 https://www.openwall.com/lists/oss-security/2022/03/28/1 https://www.openwall.com/lists/oss-security/2022/03/28/3

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

alpine

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
busybox	CVE-2022-28391	CRITICAL	1.34.1-r4	1.34.1-r5	Expand... https://access.redhat.com/security/cve/CVE-2022-28391 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391 https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661 https://nvd.nist.gov/vuln/detail/CVE-2022-28391
curl	CVE-2022-22576	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-22576 https://curl.se/docs/CVE-2022-22576.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576 https://ubuntu.com/security/notices/USN-5397-1
curl	CVE-2022-27774	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27774 https://curl.se/docs/CVE-2022-27774.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774 https://ubuntu.com/security/notices/USN-5397-1
curl	CVE-2022-27776	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27776 https://curl.se/docs/CVE-2022-27776.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776 https://ubuntu.com/security/notices/USN-5397-1
curl	CVE-2022-27775	LOW	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27775 https://curl.se/docs/CVE-2022-27775.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-22576	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-22576 https://curl.se/docs/CVE-2022-22576.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-27774	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27774 https://curl.se/docs/CVE-2022-27774.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-27776	MEDIUM	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27776 https://curl.se/docs/CVE-2022-27776.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776 https://ubuntu.com/security/notices/USN-5397-1
libcurl	CVE-2022-27775	LOW	7.80.0-r0	7.80.0-r1	Expand... https://access.redhat.com/security/cve/CVE-2022-27775 https://curl.se/docs/CVE-2022-27775.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775 https://ubuntu.com/security/notices/USN-5397-1
ssl_client	CVE-2022-28391	CRITICAL	1.34.1-r4	1.34.1-r5	Expand... https://access.redhat.com/security/cve/CVE-2022-28391 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391 https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661 https://nvd.nist.gov/vuln/detail/CVE-2022-28391
zlib	CVE-2018-25032	HIGH	1.2.11-r3	1.2.12-r0	Expand... http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/25/2 http://www.openwall.com/lists/oss-security/2022/03/26/1 https://access.redhat.com/security/cve/CVE-2018-25032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 https://errata.almalinux.org/8/ALSA-2022-1642.html https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531 https://github.com/madler/zlib/compare/v1.2.11...v1.2.12 https://github.com/madler/zlib/issues/605 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4 https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5 https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ https://linux.oracle.com/cve/CVE-2018-25032.html https://linux.oracle.com/errata/ELSA-2022-2213.html https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/ https://nvd.nist.gov/vuln/detail/CVE-2018-25032 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://ubuntu.com/security/notices/USN-5355-1 https://ubuntu.com/security/notices/USN-5355-2 https://ubuntu.com/security/notices/USN-5359-1 https://www.debian.org/security/2022/dsa-5111 https://www.openwall.com/lists/oss-security/2022/03/24/1 https://www.openwall.com/lists/oss-security/2022/03/28/1 https://www.openwall.com/lists/oss-security/2022/03/28/3

Container: tccr.io/truecharts/promcord:latest@sha256:ba9bee8d89b3ce86ca55d1bd29e13deb31f73a004991b17d8d80c73f2cc1c03c (debian 11.1)

debian

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
apt	CVE-2011-3374	LOW	2.2.4		Expand... https://access.redhat.com/security/cve/cve-2011-3374 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480 https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html https://seclists.org/fulldisclosure/2011/Sep/221 https://security-tracker.debian.org/tracker/CVE-2011-3374 https://snyk.io/vuln/SNYK-LINUX-APT-116518 https://ubuntu.com/security/CVE-2011-3374
bsdutils	CVE-2021-3995	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
bsdutils	CVE-2021-3996	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3996 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
bsdutils	CVE-2022-0563	LOW	2.36.1-8		Expand... https://access.redhat.com/security/cve/CVE-2022-0563 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.netapp.com/advisory/ntap-20220331-0002/
coreutils	CVE-2016-2781	LOW	8.32-4		Expand... http://seclists.org/oss-sec/2016/q1/452 http://www.openwall.com/lists/oss-security/2016/02/28/2 http://www.openwall.com/lists/oss-security/2016/02/28/3 https://access.redhat.com/security/cve/CVE-2016-2781 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://lore.kernel.org/patchwork/patch/793178/ https://nvd.nist.gov/vuln/detail/CVE-2016-2781
coreutils	CVE-2017-18018	LOW	8.32-4		Expand... http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html https://access.redhat.com/security/cve/CVE-2017-18018
e2fsprogs	CVE-2022-1304	HIGH	1.46.2-2		Expand... https://access.redhat.com/security/cve/CVE-2022-1304 https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304 https://marc.info/?l=linux-ext4&m=165056234501732&w=2 https://nvd.nist.gov/vuln/detail/CVE-2022-1304
gzip	CVE-2022-1271	HIGH	1.10-4	1.10-4+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2022-1271 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271 https://errata.almalinux.org/8/ALSA-2022-1537.html https://linux.oracle.com/cve/CVE-2022-1271.html https://linux.oracle.com/errata/ELSA-2022-2191.html https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html https://ubuntu.com/security/notices/USN-5378-1 https://ubuntu.com/security/notices/USN-5378-2 https://ubuntu.com/security/notices/USN-5378-3 https://ubuntu.com/security/notices/USN-5378-4 https://www.openwall.com/lists/oss-security/2022/04/07/8
libapt-pkg6.0	CVE-2011-3374	LOW	2.2.4		Expand... https://access.redhat.com/security/cve/cve-2011-3374 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480 https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html https://seclists.org/fulldisclosure/2011/Sep/221 https://security-tracker.debian.org/tracker/CVE-2011-3374 https://snyk.io/vuln/SNYK-LINUX-APT-116518 https://ubuntu.com/security/CVE-2011-3374
libblkid1	CVE-2021-3995	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libblkid1	CVE-2021-3996	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3996 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libblkid1	CVE-2022-0563	LOW	2.36.1-8		Expand... https://access.redhat.com/security/cve/CVE-2022-0563 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.netapp.com/advisory/ntap-20220331-0002/
libc-bin	CVE-2021-33574	CRITICAL	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2021-33574 https://linux.oracle.com/cve/CVE-2021-33574.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/ https://nvd.nist.gov/vuln/detail/CVE-2021-33574 https://security.gentoo.org/glsa/202107-07 https://security.netapp.com/advisory/ntap-20210629-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=27896 https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
libc-bin	CVE-2022-23218	CRITICAL	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2022-23218 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218 https://linux.oracle.com/cve/CVE-2022-23218.html https://linux.oracle.com/errata/ELSA-2022-9358.html https://nvd.nist.gov/vuln/detail/CVE-2022-23218 https://sourceware.org/bugzilla/show_bug.cgi?id=28768 https://ubuntu.com/security/notices/USN-5310-1 https://ubuntu.com/security/notices/USN-5310-2
libc-bin	CVE-2022-23219	CRITICAL	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2022-23219 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219 https://linux.oracle.com/cve/CVE-2022-23219.html https://linux.oracle.com/errata/ELSA-2022-9358.html https://nvd.nist.gov/vuln/detail/CVE-2022-23219 https://sourceware.org/bugzilla/show_bug.cgi?id=22542 https://ubuntu.com/security/notices/USN-5310-1 https://ubuntu.com/security/notices/USN-5310-2
libc-bin	CVE-2021-3999	HIGH	2.31-13+deb11u2		Expand... https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json https://access.redhat.com/security/cve/CVE-2021-3999 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999 https://linux.oracle.com/cve/CVE-2021-3999.html https://linux.oracle.com/errata/ELSA-2022-9234.html https://ubuntu.com/security/notices/USN-5310-1 https://ubuntu.com/security/notices/USN-5310-2 https://www.openwall.com/lists/oss-security/2022/01/24/4
libc-bin	CVE-2010-4756	LOW	2.31-13+deb11u2		Expand... http://cxib.net/stuff/glob-0day.c http://securityreason.com/achievement_securityalert/89 http://securityreason.com/exploitalert/9223 https://access.redhat.com/security/cve/CVE-2010-4756 https://bugzilla.redhat.com/show_bug.cgi?id=681681 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 https://nvd.nist.gov/vuln/detail/CVE-2010-4756
libc-bin	CVE-2018-20796	LOW	2.31-13+deb11u2		Expand... http://www.securityfocus.com/bid/107160 https://access.redhat.com/security/cve/CVE-2018-20796 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html https://nvd.nist.gov/vuln/detail/CVE-2018-20796 https://security.netapp.com/advisory/ntap-20190315-0002/ https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
libc-bin	CVE-2019-1010022	LOW	2.31-13+deb11u2		Expand... https://access.redhat.com/security/cve/CVE-2019-1010022 https://security-tracker.debian.org/tracker/CVE-2019-1010022 https://sourceware.org/bugzilla/show_bug.cgi?id=22850 https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 https://ubuntu.com/security/CVE-2019-1010022
libc-bin	CVE-2019-1010023	LOW	2.31-13+deb11u2		Expand... http://www.securityfocus.com/bid/109167 https://access.redhat.com/security/cve/CVE-2019-1010023 https://security-tracker.debian.org/tracker/CVE-2019-1010023 https://sourceware.org/bugzilla/show_bug.cgi?id=22851 https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS https://ubuntu.com/security/CVE-2019-1010023
libc-bin	CVE-2019-1010024	LOW	2.31-13+deb11u2		Expand... http://www.securityfocus.com/bid/109162 https://access.redhat.com/security/cve/CVE-2019-1010024 https://security-tracker.debian.org/tracker/CVE-2019-1010024 https://sourceware.org/bugzilla/show_bug.cgi?id=22852 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS https://ubuntu.com/security/CVE-2019-1010024
libc-bin	CVE-2019-1010025	LOW	2.31-13+deb11u2		Expand... https://access.redhat.com/security/cve/CVE-2019-1010025 https://security-tracker.debian.org/tracker/CVE-2019-1010025 https://sourceware.org/bugzilla/show_bug.cgi?id=22853 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS https://ubuntu.com/security/CVE-2019-1010025
libc-bin	CVE-2019-9192	LOW	2.31-13+deb11u2		Expand... https://access.redhat.com/security/cve/CVE-2019-9192 https://nvd.nist.gov/vuln/detail/CVE-2019-9192 https://sourceware.org/bugzilla/show_bug.cgi?id=24269 https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
libc-bin	CVE-2021-43396	LOW	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2021-43396 https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396 https://nvd.nist.gov/vuln/detail/CVE-2021-43396 https://sourceware.org/bugzilla/show_bug.cgi?id=28524 https://sourceware.org/git/?p=glibc.git;a=commit;h=ff012870b2c02a62598c04daa1e54632e020fd7d
libc6	CVE-2021-33574	CRITICAL	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2021-33574 https://linux.oracle.com/cve/CVE-2021-33574.html https://linux.oracle.com/errata/ELSA-2021-9560.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/ https://nvd.nist.gov/vuln/detail/CVE-2021-33574 https://security.gentoo.org/glsa/202107-07 https://security.netapp.com/advisory/ntap-20210629-0005/ https://sourceware.org/bugzilla/show_bug.cgi?id=27896 https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
libc6	CVE-2022-23218	CRITICAL	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2022-23218 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218 https://linux.oracle.com/cve/CVE-2022-23218.html https://linux.oracle.com/errata/ELSA-2022-9358.html https://nvd.nist.gov/vuln/detail/CVE-2022-23218 https://sourceware.org/bugzilla/show_bug.cgi?id=28768 https://ubuntu.com/security/notices/USN-5310-1 https://ubuntu.com/security/notices/USN-5310-2
libc6	CVE-2022-23219	CRITICAL	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2022-23219 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219 https://linux.oracle.com/cve/CVE-2022-23219.html https://linux.oracle.com/errata/ELSA-2022-9358.html https://nvd.nist.gov/vuln/detail/CVE-2022-23219 https://sourceware.org/bugzilla/show_bug.cgi?id=22542 https://ubuntu.com/security/notices/USN-5310-1 https://ubuntu.com/security/notices/USN-5310-2
libc6	CVE-2021-3999	HIGH	2.31-13+deb11u2		Expand... https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json https://access.redhat.com/security/cve/CVE-2021-3999 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999 https://linux.oracle.com/cve/CVE-2021-3999.html https://linux.oracle.com/errata/ELSA-2022-9234.html https://ubuntu.com/security/notices/USN-5310-1 https://ubuntu.com/security/notices/USN-5310-2 https://www.openwall.com/lists/oss-security/2022/01/24/4
libc6	CVE-2010-4756	LOW	2.31-13+deb11u2		Expand... http://cxib.net/stuff/glob-0day.c http://securityreason.com/achievement_securityalert/89 http://securityreason.com/exploitalert/9223 https://access.redhat.com/security/cve/CVE-2010-4756 https://bugzilla.redhat.com/show_bug.cgi?id=681681 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 https://nvd.nist.gov/vuln/detail/CVE-2010-4756
libc6	CVE-2018-20796	LOW	2.31-13+deb11u2		Expand... http://www.securityfocus.com/bid/107160 https://access.redhat.com/security/cve/CVE-2018-20796 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html https://nvd.nist.gov/vuln/detail/CVE-2018-20796 https://security.netapp.com/advisory/ntap-20190315-0002/ https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
libc6	CVE-2019-1010022	LOW	2.31-13+deb11u2		Expand... https://access.redhat.com/security/cve/CVE-2019-1010022 https://security-tracker.debian.org/tracker/CVE-2019-1010022 https://sourceware.org/bugzilla/show_bug.cgi?id=22850 https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 https://ubuntu.com/security/CVE-2019-1010022
libc6	CVE-2019-1010023	LOW	2.31-13+deb11u2		Expand... http://www.securityfocus.com/bid/109167 https://access.redhat.com/security/cve/CVE-2019-1010023 https://security-tracker.debian.org/tracker/CVE-2019-1010023 https://sourceware.org/bugzilla/show_bug.cgi?id=22851 https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS https://ubuntu.com/security/CVE-2019-1010023
libc6	CVE-2019-1010024	LOW	2.31-13+deb11u2		Expand... http://www.securityfocus.com/bid/109162 https://access.redhat.com/security/cve/CVE-2019-1010024 https://security-tracker.debian.org/tracker/CVE-2019-1010024 https://sourceware.org/bugzilla/show_bug.cgi?id=22852 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS https://ubuntu.com/security/CVE-2019-1010024
libc6	CVE-2019-1010025	LOW	2.31-13+deb11u2		Expand... https://access.redhat.com/security/cve/CVE-2019-1010025 https://security-tracker.debian.org/tracker/CVE-2019-1010025 https://sourceware.org/bugzilla/show_bug.cgi?id=22853 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS https://ubuntu.com/security/CVE-2019-1010025
libc6	CVE-2019-9192	LOW	2.31-13+deb11u2		Expand... https://access.redhat.com/security/cve/CVE-2019-9192 https://nvd.nist.gov/vuln/detail/CVE-2019-9192 https://sourceware.org/bugzilla/show_bug.cgi?id=24269 https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
libc6	CVE-2021-43396	LOW	2.31-13+deb11u2	2.31-13+deb11u3	Expand... https://access.redhat.com/security/cve/CVE-2021-43396 https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396 https://nvd.nist.gov/vuln/detail/CVE-2021-43396 https://sourceware.org/bugzilla/show_bug.cgi?id=28524 https://sourceware.org/git/?p=glibc.git;a=commit;h=ff012870b2c02a62598c04daa1e54632e020fd7d
libcom-err2	CVE-2022-1304	HIGH	1.46.2-2		Expand... https://access.redhat.com/security/cve/CVE-2022-1304 https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304 https://marc.info/?l=linux-ext4&m=165056234501732&w=2 https://nvd.nist.gov/vuln/detail/CVE-2022-1304
libdb5.3	CVE-2019-8457	CRITICAL	5.3.28+dfsg1-0.8		Expand... http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html https://access.redhat.com/security/cve/CVE-2019-8457 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://linux.oracle.com/cve/CVE-2019-8457.html https://linux.oracle.com/errata/ELSA-2020-1810.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/ https://security.netapp.com/advisory/ntap-20190606-0002/ https://ubuntu.com/security/notices/USN-4004-1 https://ubuntu.com/security/notices/USN-4004-2 https://ubuntu.com/security/notices/USN-4019-1 https://ubuntu.com/security/notices/USN-4019-2 https://usn.ubuntu.com/4004-1/ https://usn.ubuntu.com/4004-2/ https://usn.ubuntu.com/4019-1/ https://usn.ubuntu.com/4019-2/ https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://www.sqlite.org/releaselog/3_28_0.html https://www.sqlite.org/src/info/90acdbfce9c08858
libext2fs2	CVE-2022-1304	HIGH	1.46.2-2		Expand... https://access.redhat.com/security/cve/CVE-2022-1304 https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304 https://marc.info/?l=linux-ext4&m=165056234501732&w=2 https://nvd.nist.gov/vuln/detail/CVE-2022-1304
libgcrypt20	CVE-2021-33560	HIGH	1.8.7-6		Expand... https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33560.json https://access.redhat.com/security/cve/CVE-2021-33560 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560 https://dev.gnupg.org/T5305 https://dev.gnupg.org/T5328 https://dev.gnupg.org/T5466 https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61 https://eprint.iacr.org/2021/923 https://errata.almalinux.org/8/ALSA-2021-4409.html https://linux.oracle.com/cve/CVE-2021-33560.html https://linux.oracle.com/errata/ELSA-2022-9263.html https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/ https://nvd.nist.gov/vuln/detail/CVE-2021-33560 https://ubuntu.com/security/notices/USN-5080-1 https://ubuntu.com/security/notices/USN-5080-2 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
libgcrypt20	CVE-2018-6829	LOW	1.8.7-6		Expand... https://access.redhat.com/security/cve/CVE-2018-6829 https://github.com/weikengchen/attack-on-libgcrypt-elgamal https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html https://www.oracle.com/security-alerts/cpujan2020.html
libgmp10	CVE-2021-43618	HIGH	2:6.2.1+dfsg-1	2:6.2.1+dfsg-1+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-43618 https://bugs.debian.org/994405 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618 https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2021-43618
libgnutls30	CVE-2021-4209	MEDIUM	3.7.1-5		Expand... https://access.redhat.com/security/cve/CVE-2021-4209
libgnutls30	CVE-2011-3389	LOW	3.7.1-5		Expand... http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/ http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx http://curl.haxx.se/docs/adv_20120124B.html http://downloads.asterisk.org/pub/security/AST-2016-001.html http://ekoparty.org/2011/juliano-rizzo.php http://eprint.iacr.org/2004/111 http://eprint.iacr.org/2006/136 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html http://isc.sans.edu/diary/SSL+TLS+part+3+/11635 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://marc.info/?l=bugtraq&m=132872385320240&w=2 http://marc.info/?l=bugtraq&m=133365109612558&w=2 http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue http://osvdb.org/74829 http://rhn.redhat.com/errata/RHSA-2012-0508.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/45791 http://secunia.com/advisories/47998 http://secunia.com/advisories/48256 http://secunia.com/advisories/48692 http://secunia.com/advisories/48915 http://secunia.com/advisories/48948 http://secunia.com/advisories/49198 http://secunia.com/advisories/55322 http://secunia.com/advisories/55350 http://secunia.com/advisories/55351 http://security.gentoo.org/glsa/glsa-201203-02.xml http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5001 http://support.apple.com/kb/HT5130 http://support.apple.com/kb/HT5281 http://support.apple.com/kb/HT5501 http://support.apple.com/kb/HT6150 http://technet.microsoft.com/security/advisory/2588513 http://vnhacker.blogspot.com/2011/09/beast.html http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf http://www.debian.org/security/2012/dsa-2398 http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html http://www.ibm.com/developerworks/java/jdk/alerts/ http://www.imperialviolet.org/2011/09/23/chromeandbeast.html http://www.insecure.cl/Beast-SSL.rar http://www.kb.cert.org/vuls/id/864643 http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 http://www.opera.com/docs/changelogs/mac/1151/ http://www.opera.com/docs/changelogs/mac/1160/ http://www.opera.com/docs/changelogs/unix/1151/ http://www.opera.com/docs/changelogs/unix/1160/ http://www.opera.com/docs/changelogs/windows/1151/ http://www.opera.com/docs/changelogs/windows/1160/ http://www.opera.com/support/kb/view/1004/ http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.redhat.com/support/errata/RHSA-2012-0006.html http://www.securityfocus.com/bid/49388 http://www.securityfocus.com/bid/49778 http://www.securitytracker.com/id/1029190 http://www.securitytracker.com/id?1025997 http://www.securitytracker.com/id?1026103 http://www.securitytracker.com/id?1026704 http://www.ubuntu.com/usn/USN-1263-1 http://www.us-cert.gov/cas/techalerts/TA12-010A.html https://access.redhat.com/security/cve/CVE-2011-3389 https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail https://bugzilla.novell.com/show_bug.cgi?id=719047 https://bugzilla.redhat.com/show_bug.cgi?id=737506 https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 https://hermes.opensuse.org/messages/13154861 https://hermes.opensuse.org/messages/13155432 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://linux.oracle.com/cve/CVE-2011-3389.html https://linux.oracle.com/errata/ELSA-2011-1380.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752 https://ubuntu.com/security/notices/USN-1263-1
libgssapi-krb5-2	CVE-2004-0971	LOW	1.18.3-6+deb11u1		Expand... http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304 http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml http://www.redhat.com/support/errata/RHSA-2005-012.html http://www.securityfocus.com/bid/11289 http://www.trustix.org/errata/2004/0050 https://access.redhat.com/security/cve/CVE-2004-0971 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
libgssapi-krb5-2	CVE-2018-5709	LOW	1.18.3-6+deb11u1		Expand... https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libk5crypto3	CVE-2004-0971	LOW	1.18.3-6+deb11u1		Expand... http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304 http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml http://www.redhat.com/support/errata/RHSA-2005-012.html http://www.securityfocus.com/bid/11289 http://www.trustix.org/errata/2004/0050 https://access.redhat.com/security/cve/CVE-2004-0971 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
libk5crypto3	CVE-2018-5709	LOW	1.18.3-6+deb11u1		Expand... https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libkrb5-3	CVE-2004-0971	LOW	1.18.3-6+deb11u1		Expand... http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304 http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml http://www.redhat.com/support/errata/RHSA-2005-012.html http://www.securityfocus.com/bid/11289 http://www.trustix.org/errata/2004/0050 https://access.redhat.com/security/cve/CVE-2004-0971 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
libkrb5-3	CVE-2018-5709	LOW	1.18.3-6+deb11u1		Expand... https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libkrb5support0	CVE-2004-0971	LOW	1.18.3-6+deb11u1		Expand... http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304 http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml http://www.redhat.com/support/errata/RHSA-2005-012.html http://www.securityfocus.com/bid/11289 http://www.trustix.org/errata/2004/0050 https://access.redhat.com/security/cve/CVE-2004-0971 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497
libkrb5support0	CVE-2018-5709	LOW	1.18.3-6+deb11u1		Expand... https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
liblzma5	CVE-2022-1271	HIGH	5.2.5-2	5.2.5-2.1~deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2022-1271 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271 https://errata.almalinux.org/8/ALSA-2022-1537.html https://linux.oracle.com/cve/CVE-2022-1271.html https://linux.oracle.com/errata/ELSA-2022-2191.html https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html https://ubuntu.com/security/notices/USN-5378-1 https://ubuntu.com/security/notices/USN-5378-2 https://ubuntu.com/security/notices/USN-5378-3 https://ubuntu.com/security/notices/USN-5378-4 https://www.openwall.com/lists/oss-security/2022/04/07/8
libmount1	CVE-2021-3995	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libmount1	CVE-2021-3996	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3996 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libmount1	CVE-2022-0563	LOW	2.36.1-8		Expand... https://access.redhat.com/security/cve/CVE-2022-0563 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.netapp.com/advisory/ntap-20220331-0002/
libpcre2-8-0	CVE-2022-1586	HIGH	10.36-2		Expand... https://access.redhat.com/security/cve/CVE-2022-1586 https://bugzilla.redhat.com/show_bug.cgi?id=2077976, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586 https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a, https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
libpcre2-8-0	CVE-2022-1587	HIGH	10.36-2		Expand... https://access.redhat.com/security/cve/CVE-2022-1587 https://bugzilla.redhat.com/show_bug.cgi?id=2077983, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587 https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
libpcre3	CVE-2017-11164	LOW	2:8.39-13		Expand... http://openwall.com/lists/oss-security/2017/07/11/3 http://www.securityfocus.com/bid/99575 https://access.redhat.com/security/cve/CVE-2017-11164 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libpcre3	CVE-2017-16231	LOW	2:8.39-13		Expand... http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html http://seclists.org/fulldisclosure/2018/Dec/33 http://www.openwall.com/lists/oss-security/2017/11/01/11 http://www.openwall.com/lists/oss-security/2017/11/01/3 http://www.openwall.com/lists/oss-security/2017/11/01/7 http://www.openwall.com/lists/oss-security/2017/11/01/8 http://www.securityfocus.com/bid/101688 https://access.redhat.com/security/cve/CVE-2017-16231 https://bugs.exim.org/show_bug.cgi?id=2047
libpcre3	CVE-2017-7245	LOW	2:8.39-13		Expand... http://www.securityfocus.com/bid/97067 https://access.redhat.com/errata/RHSA-2018:2486 https://access.redhat.com/security/cve/CVE-2017-7245 https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/ https://security.gentoo.org/glsa/201710-25
libpcre3	CVE-2017-7246	LOW	2:8.39-13		Expand... http://www.securityfocus.com/bid/97067 https://access.redhat.com/errata/RHSA-2018:2486 https://access.redhat.com/security/cve/CVE-2017-7246 https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/ https://security.gentoo.org/glsa/201710-25
libpcre3	CVE-2019-20838	LOW	2:8.39-13		Expand... http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://access.redhat.com/security/cve/CVE-2019-20838 https://bugs.gentoo.org/717920 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838 https://errata.almalinux.org/8/ALSA-2021-4373.html https://linux.oracle.com/cve/CVE-2019-20838.html https://linux.oracle.com/errata/ELSA-2021-4373.html https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2019-20838 https://support.apple.com/kb/HT211931 https://support.apple.com/kb/HT212147 https://ubuntu.com/security/notices/USN-5425-1 https://www.pcre.org/original/changelog.txt
libsepol1	CVE-2021-36084	LOW	3.1-1		Expand... https://access.redhat.com/security/cve/CVE-2021-36084 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084 https://errata.almalinux.org/8/ALSA-2021-4513.html https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml https://linux.oracle.com/cve/CVE-2021-36084.html https://linux.oracle.com/errata/ELSA-2021-4513.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/ https://ubuntu.com/security/notices/USN-5391-1
libsepol1	CVE-2021-36085	LOW	3.1-1		Expand... https://access.redhat.com/security/cve/CVE-2021-36085 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085 https://errata.almalinux.org/8/ALSA-2021-4513.html https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml https://linux.oracle.com/cve/CVE-2021-36085.html https://linux.oracle.com/errata/ELSA-2021-4513.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/ https://ubuntu.com/security/notices/USN-5391-1
libsepol1	CVE-2021-36086	LOW	3.1-1		Expand... https://access.redhat.com/security/cve/CVE-2021-36086 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086 https://errata.almalinux.org/8/ALSA-2021-4513.html https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml https://linux.oracle.com/cve/CVE-2021-36086.html https://linux.oracle.com/errata/ELSA-2021-4513.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/ https://ubuntu.com/security/notices/USN-5391-1
libsepol1	CVE-2021-36087	LOW	3.1-1		Expand... https://access.redhat.com/security/cve/CVE-2021-36087 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087 https://errata.almalinux.org/8/ALSA-2021-4513.html https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml https://linux.oracle.com/cve/CVE-2021-36087.html https://linux.oracle.com/errata/ELSA-2021-4513.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/ https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/ https://ubuntu.com/security/notices/USN-5391-1
libsmartcols1	CVE-2021-3995	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libsmartcols1	CVE-2021-3996	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3996 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libsmartcols1	CVE-2022-0563	LOW	2.36.1-8		Expand... https://access.redhat.com/security/cve/CVE-2022-0563 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.netapp.com/advisory/ntap-20220331-0002/
libss2	CVE-2022-1304	HIGH	1.46.2-2		Expand... https://access.redhat.com/security/cve/CVE-2022-1304 https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304 https://marc.info/?l=linux-ext4&m=165056234501732&w=2 https://nvd.nist.gov/vuln/detail/CVE-2022-1304
libssl1.1	CVE-2022-1292	CRITICAL	1.1.1k-1+deb11u1	1.1.1n-0+deb11u2	Expand... https://access.redhat.com/security/cve/CVE-2022-1292 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html https://nvd.nist.gov/vuln/detail/CVE-2022-1292 https://ubuntu.com/security/notices/USN-5402-1 https://www.openssl.org/news/secadv/20220503.txt
libssl1.1	CVE-2022-0778	HIGH	1.1.1k-1+deb11u1	1.1.1k-1+deb11u2	Expand... http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json https://access.redhat.com/security/cve/CVE-2022-0778 https://crates.io/crates/openssl-src https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778 https://errata.almalinux.org/8/ALSA-2022-1065.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246 https://linux.oracle.com/cve/CVE-2022-0778.html https://linux.oracle.com/errata/ELSA-2022-9272.html https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/ https://nvd.nist.gov/vuln/detail/CVE-2022-0778 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002 https://rustsec.org/advisories/RUSTSEC-2022-0014.html https://security.netapp.com/advisory/ntap-20220321-0002/ https://security.netapp.com/advisory/ntap-20220429-0005/ https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://ubuntu.com/security/notices/USN-5328-1 https://ubuntu.com/security/notices/USN-5328-2 https://www.debian.org/security/2022/dsa-5103 https://www.openssl.org/news/secadv/20220315.txt https://www.oracle.com/security-alerts/cpuapr2022.html https://www.tenable.com/security/tns-2022-06 https://www.tenable.com/security/tns-2022-07 https://www.tenable.com/security/tns-2022-08 https://www.tenable.com/security/tns-2022-09
libssl1.1	CVE-2021-4160	MEDIUM	1.1.1k-1+deb11u1	1.1.1k-1+deb11u2	Expand... https://access.redhat.com/security/cve/CVE-2021-4160 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb https://nvd.nist.gov/vuln/detail/CVE-2021-4160 https://www.debian.org/security/2022/dsa-5103 https://www.openssl.org/news/secadv/20220128.txt https://www.oracle.com/security-alerts/cpuapr2022.html
libssl1.1	CVE-2007-6755	LOW	1.1.1k-1+deb11u1		Expand... http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/ http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html http://rump2007.cr.yp.to/15-shumow.pdf http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/ http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect http://www.securityfocus.com/bid/63657 https://access.redhat.com/security/cve/CVE-2007-6755 https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
libssl1.1	CVE-2010-0928	LOW	1.1.1k-1+deb11u1		Expand... http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/ http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf http://www.networkworld.com/news/2010/030410-rsa-security-attack.html http://www.osvdb.org/62808 http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/ https://access.redhat.com/security/cve/CVE-2010-0928 https://exchange.xforce.ibmcloud.com/vulnerabilities/56750
libsystemd0	CVE-2021-3997	MEDIUM	247.3-6	247.3-7	Expand... https://access.redhat.com/security/cve/CVE-2021-3997 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997 https://ubuntu.com/security/notices/USN-5226-1 https://www.openwall.com/lists/oss-security/2022/01/10/2
libsystemd0	CVE-2013-4392	LOW	247.3-6		Expand... http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357 http://www.openwall.com/lists/oss-security/2013/10/01/9 https://access.redhat.com/security/cve/CVE-2013-4392 https://bugzilla.redhat.com/show_bug.cgi?id=859060
libsystemd0	CVE-2020-13529	LOW	247.3-6		Expand... http://www.openwall.com/lists/oss-security/2021/08/04/2 http://www.openwall.com/lists/oss-security/2021/08/17/3 http://www.openwall.com/lists/oss-security/2021/09/07/3 https://access.redhat.com/security/cve/CVE-2020-13529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529 https://linux.oracle.com/cve/CVE-2020-13529.html https://linux.oracle.com/errata/ELSA-2021-4361.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/ https://security.gentoo.org/glsa/202107-48 https://security.netapp.com/advisory/ntap-20210625-0005/ https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142 https://ubuntu.com/security/notices/USN-5013-1 https://ubuntu.com/security/notices/USN-5013-2
libtinfo6	CVE-2022-29458	HIGH	6.2+20201114-2		Expand... https://access.redhat.com/security/cve/CVE-2022-29458 https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html https://nvd.nist.gov/vuln/detail/CVE-2022-29458
libtinfo6	CVE-2021-39537	LOW	6.2+20201114-2		Expand... http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup https://access.redhat.com/security/cve/CVE-2021-39537 https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html https://nvd.nist.gov/vuln/detail/CVE-2021-39537
libudev1	CVE-2021-3997	MEDIUM	247.3-6	247.3-7	Expand... https://access.redhat.com/security/cve/CVE-2021-3997 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997 https://ubuntu.com/security/notices/USN-5226-1 https://www.openwall.com/lists/oss-security/2022/01/10/2
libudev1	CVE-2013-4392	LOW	247.3-6		Expand... http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357 http://www.openwall.com/lists/oss-security/2013/10/01/9 https://access.redhat.com/security/cve/CVE-2013-4392 https://bugzilla.redhat.com/show_bug.cgi?id=859060
libudev1	CVE-2020-13529	LOW	247.3-6		Expand... http://www.openwall.com/lists/oss-security/2021/08/04/2 http://www.openwall.com/lists/oss-security/2021/08/17/3 http://www.openwall.com/lists/oss-security/2021/09/07/3 https://access.redhat.com/security/cve/CVE-2020-13529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529 https://linux.oracle.com/cve/CVE-2020-13529.html https://linux.oracle.com/errata/ELSA-2021-4361.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/ https://security.gentoo.org/glsa/202107-48 https://security.netapp.com/advisory/ntap-20210625-0005/ https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142 https://ubuntu.com/security/notices/USN-5013-1 https://ubuntu.com/security/notices/USN-5013-2
libuuid1	CVE-2021-3995	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libuuid1	CVE-2021-3996	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3996 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
libuuid1	CVE-2022-0563	LOW	2.36.1-8		Expand... https://access.redhat.com/security/cve/CVE-2022-0563 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.netapp.com/advisory/ntap-20220331-0002/
login	CVE-2007-5686	LOW	1:4.8.1-1		Expand... http://secunia.com/advisories/27215 http://www.securityfocus.com/archive/1/482129/100/100/threaded http://www.securityfocus.com/archive/1/482857/100/0/threaded http://www.securityfocus.com/bid/26048 http://www.vupen.com/english/advisories/2007/3474 https://issues.rpath.com/browse/RPL-1825
login	CVE-2013-4235	LOW	1:4.8.1-1		Expand... https://access.redhat.com/security/cve/CVE-2013-4235 https://access.redhat.com/security/cve/cve-2013-4235 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security-tracker.debian.org/tracker/CVE-2013-4235
login	CVE-2019-19882	LOW	1:4.8.1-1		Expand... https://access.redhat.com/security/cve/CVE-2019-19882 https://bugs.archlinux.org/task/64836 https://bugs.gentoo.org/702252 https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75 https://github.com/shadow-maint/shadow/pull/199 https://github.com/void-linux/void-packages/pull/17580 https://security.gentoo.org/glsa/202008-09
logsave	CVE-2022-1304	HIGH	1.46.2-2		Expand... https://access.redhat.com/security/cve/CVE-2022-1304 https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304 https://marc.info/?l=linux-ext4&m=165056234501732&w=2 https://nvd.nist.gov/vuln/detail/CVE-2022-1304
mount	CVE-2021-3995	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
mount	CVE-2021-3996	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3996 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
mount	CVE-2022-0563	LOW	2.36.1-8		Expand... https://access.redhat.com/security/cve/CVE-2022-0563 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.netapp.com/advisory/ntap-20220331-0002/
ncurses-base	CVE-2022-29458	HIGH	6.2+20201114-2		Expand... https://access.redhat.com/security/cve/CVE-2022-29458 https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html https://nvd.nist.gov/vuln/detail/CVE-2022-29458
ncurses-base	CVE-2021-39537	LOW	6.2+20201114-2		Expand... http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup https://access.redhat.com/security/cve/CVE-2021-39537 https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html https://nvd.nist.gov/vuln/detail/CVE-2021-39537
ncurses-bin	CVE-2022-29458	HIGH	6.2+20201114-2		Expand... https://access.redhat.com/security/cve/CVE-2022-29458 https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html https://nvd.nist.gov/vuln/detail/CVE-2022-29458
ncurses-bin	CVE-2021-39537	LOW	6.2+20201114-2		Expand... http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup https://access.redhat.com/security/cve/CVE-2021-39537 https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html https://nvd.nist.gov/vuln/detail/CVE-2021-39537
openssl	CVE-2022-1292	CRITICAL	1.1.1k-1+deb11u1	1.1.1n-0+deb11u2	Expand... https://access.redhat.com/security/cve/CVE-2022-1292 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html https://nvd.nist.gov/vuln/detail/CVE-2022-1292 https://ubuntu.com/security/notices/USN-5402-1 https://www.openssl.org/news/secadv/20220503.txt
openssl	CVE-2022-0778	HIGH	1.1.1k-1+deb11u1	1.1.1k-1+deb11u2	Expand... http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json https://access.redhat.com/security/cve/CVE-2022-0778 https://crates.io/crates/openssl-src https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778 https://errata.almalinux.org/8/ALSA-2022-1065.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246 https://linux.oracle.com/cve/CVE-2022-0778.html https://linux.oracle.com/errata/ELSA-2022-9272.html https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/ https://nvd.nist.gov/vuln/detail/CVE-2022-0778 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002 https://rustsec.org/advisories/RUSTSEC-2022-0014.html https://security.netapp.com/advisory/ntap-20220321-0002/ https://security.netapp.com/advisory/ntap-20220429-0005/ https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://ubuntu.com/security/notices/USN-5328-1 https://ubuntu.com/security/notices/USN-5328-2 https://www.debian.org/security/2022/dsa-5103 https://www.openssl.org/news/secadv/20220315.txt https://www.oracle.com/security-alerts/cpuapr2022.html https://www.tenable.com/security/tns-2022-06 https://www.tenable.com/security/tns-2022-07 https://www.tenable.com/security/tns-2022-08 https://www.tenable.com/security/tns-2022-09
openssl	CVE-2021-4160	MEDIUM	1.1.1k-1+deb11u1	1.1.1k-1+deb11u2	Expand... https://access.redhat.com/security/cve/CVE-2021-4160 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb https://nvd.nist.gov/vuln/detail/CVE-2021-4160 https://www.debian.org/security/2022/dsa-5103 https://www.openssl.org/news/secadv/20220128.txt https://www.oracle.com/security-alerts/cpuapr2022.html
openssl	CVE-2007-6755	LOW	1.1.1k-1+deb11u1		Expand... http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/ http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html http://rump2007.cr.yp.to/15-shumow.pdf http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/ http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect http://www.securityfocus.com/bid/63657 https://access.redhat.com/security/cve/CVE-2007-6755 https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
openssl	CVE-2010-0928	LOW	1.1.1k-1+deb11u1		Expand... http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/ http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf http://www.networkworld.com/news/2010/030410-rsa-security-attack.html http://www.osvdb.org/62808 http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/ https://access.redhat.com/security/cve/CVE-2010-0928 https://exchange.xforce.ibmcloud.com/vulnerabilities/56750
passwd	CVE-2007-5686	LOW	1:4.8.1-1		Expand... http://secunia.com/advisories/27215 http://www.securityfocus.com/archive/1/482129/100/100/threaded http://www.securityfocus.com/archive/1/482857/100/0/threaded http://www.securityfocus.com/bid/26048 http://www.vupen.com/english/advisories/2007/3474 https://issues.rpath.com/browse/RPL-1825
passwd	CVE-2013-4235	LOW	1:4.8.1-1		Expand... https://access.redhat.com/security/cve/CVE-2013-4235 https://access.redhat.com/security/cve/cve-2013-4235 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E https://security-tracker.debian.org/tracker/CVE-2013-4235
passwd	CVE-2019-19882	LOW	1:4.8.1-1		Expand... https://access.redhat.com/security/cve/CVE-2019-19882 https://bugs.archlinux.org/task/64836 https://bugs.gentoo.org/702252 https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75 https://github.com/shadow-maint/shadow/pull/199 https://github.com/void-linux/void-packages/pull/17580 https://security.gentoo.org/glsa/202008-09
perl-base	CVE-2020-16156	HIGH	5.32.1-4+deb11u2		Expand... http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html https://access.redhat.com/security/cve/CVE-2020-16156 https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/ https://metacpan.org/pod/distribution/CPAN/scripts/cpan
perl-base	CVE-2011-4116	LOW	5.32.1-4+deb11u2		Expand... http://www.openwall.com/lists/oss-security/2011/11/04/2 http://www.openwall.com/lists/oss-security/2011/11/04/4 https://access.redhat.com/security/cve/CVE-2011-4116 https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14 https://rt.cpan.org/Public/Bug/Display.html?id=69106 https://seclists.org/oss-sec/2011/q4/238
tar	CVE-2005-2541	LOW	1.34+dfsg-1		Expand... http://marc.info/?l=bugtraq&m=112327628230258&w=2 https://access.redhat.com/security/cve/CVE-2005-2541 https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
util-linux	CVE-2021-3995	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
util-linux	CVE-2021-3996	MEDIUM	2.36.1-8	2.36.1-8+deb11u1	Expand... https://access.redhat.com/security/cve/CVE-2021-3996 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://ubuntu.com/security/notices/USN-5279-1 https://www.openwall.com/lists/oss-security/2022/01/24/2
util-linux	CVE-2022-0563	LOW	2.36.1-8		Expand... https://access.redhat.com/security/cve/CVE-2022-0563 https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.netapp.com/advisory/ntap-20220331-0002/
zlib1g	CVE-2018-25032	HIGH	1:1.2.11.dfsg-2	1:1.2.11.dfsg-2+deb11u1	Expand... http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/25/2 http://www.openwall.com/lists/oss-security/2022/03/26/1 https://access.redhat.com/security/cve/CVE-2018-25032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 https://errata.almalinux.org/8/ALSA-2022-1642.html https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531 https://github.com/madler/zlib/compare/v1.2.11...v1.2.12 https://github.com/madler/zlib/issues/605 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4 https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5 https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ https://linux.oracle.com/cve/CVE-2018-25032.html https://linux.oracle.com/errata/ELSA-2022-2213.html https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/ https://nvd.nist.gov/vuln/detail/CVE-2018-25032 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://ubuntu.com/security/notices/USN-5355-1 https://ubuntu.com/security/notices/USN-5355-2 https://ubuntu.com/security/notices/USN-5359-1 https://www.debian.org/security/2022/dsa-5111 https://www.openwall.com/lists/oss-security/2022/03/24/1 https://www.openwall.com/lists/oss-security/2022/03/28/1 https://www.openwall.com/lists/oss-security/2022/03/28/3

jar

Package	Vulnerability	Severity	Installed Version	Fixed Version	Links
ch.qos.logback:logback-core	CVE-2021-42550	MEDIUM	1.2.3	1.2.9	Expand... http://logback.qos.ch/news.html https://access.redhat.com/security/cve/CVE-2021-42550 https://cve.report/CVE-2021-42550 https://github.com/advisories/GHSA-668q-qrv7-99fm https://github.com/cn-panda/logbackRceDemo https://github.com/qos-ch/logback/blob/1502cba4c1dfd135b2e715bc0cf80c0045d4d128/logback-site/src/site/pages/news.html https://github.com/qos-ch/logback/commit/87291079a1de9369ac67e20dc70a8fdc7cc4359c https://github.com/qos-ch/logback/commit/ef4fc4186b74b45ce80d86833820106ff27edd42 https://jira.qos.ch/browse/LOGBACK-1591 https://nvd.nist.gov/vuln/detail/CVE-2021-42550 https://security.netapp.com/advisory/ntap-20211229-0001/
com.fasterxml.jackson.core:jackson-databind	CVE-2020-25649	HIGH	2.10.1	2.6.7.4, 2.9.10.7, 2.10.5.1	Expand... https://access.redhat.com/security/cve/CVE-2020-25649 https://bugzilla.redhat.com/show_bug.cgi?id=1887664 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25649 https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1) https://github.com/FasterXML/jackson-databind/issues/2589 https://github.com/advisories/GHSA-288c-cq4h-88gq https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386@%3Ccommits.turbine.apache.org%3E https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1@%3Cdev.hive.apache.org%3E https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83@%3Ccommits.servicecomb.apache.org%3E https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb@%3Ccommits.karaf.apache.org%3E https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd@%3Cissues.flink.apache.org%3E https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042@%3Creviews.iotdb.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61@%3Cdev.knox.apache.org%3E https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb@%3Creviews.iotdb.apache.org%3E https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07@%3Ccommits.iotdb.apache.org%3E https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8@%3Cnotifications.iotdb.apache.org%3E https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60@%3Creviews.iotdb.apache.org%3E https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3@%3Cuser.spark.apache.org%3E https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22@%3Ccommits.karaf.apache.org%3E https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a@%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3@%3Cissues.flink.apache.org%3E https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb@%3Cdev.knox.apache.org%3E https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1@%3Ccommits.karaf.apache.org%3E https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca@%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402@%3Ccommits.karaf.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/ https://nvd.nist.gov/vuln/detail/CVE-2020-25649 https://security.netapp.com/advisory/ntap-20210108-0007/ https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	HIGH	2.10.1	2.12.6.1, 2.13.2.1	Expand... https://access.redhat.com/security/cve/CVE-2020-36518 https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b https://github.com/FasterXML/jackson-databind/issues/2816 https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12 https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13 https://github.com/advisories/GHSA-57j2-w4cx-62h2 https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2020-36518 https://security.netapp.com/advisory/ntap-20220506-0004/ https://www.oracle.com/security-alerts/cpuapr2022.html

198 KiB Raw Blame History Unescape Escape

Security Overview

Helm-Chart

Scan Results

Chart Object: promcord/templates/common.yaml

Containers

Detected Containers

Scan Results

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

Container: tccr.io/truecharts/promcord:latest@sha256:ba9bee8d89b3ce86ca55d1bd29e13deb31f73a004991b17d8d80c73f2cc1c03c (debian 11.1)

198 KiB

Raw Blame History