Cloned2Preserve
/
TrueChartsClone
mirror of https://github.com/truecharts/charts.git
1
0
Fork 0
Code
TrueChartsClone/charts/stable/htpcmanager/security.md

166 lines
108 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: htpcmanager/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;RELEASE-NAME-htpcmanager&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-htpcmanager&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/misconfig/ksv003">https://avd.aquasec.com/misconfig/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/misconfig/ksv003">https://avd.aquasec.com/misconfig/ksv003</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;RELEASE-NAME-htpcmanager&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv012">https://avd.aquasec.com/misconfig/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv012">https://avd.aquasec.com/misconfig/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-htpcmanager&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/misconfig/ksv014">https://avd.aquasec.com/misconfig/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/misconfig/ksv014">https://avd.aquasec.com/misconfig/ksv014</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/misconfig/ksv017">https://avd.aquasec.com/misconfig/ksv017</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-htpcmanager&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv020">https://avd.aquasec.com/misconfig/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv020">https://avd.aquasec.com/misconfig/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-htpcmanager&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv021">https://avd.aquasec.com/misconfig/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-htpcmanager&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv021">https://avd.aquasec.com/misconfig/ksv021</a><br></details> |
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | <details><summary>Expand...</summary> The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. <br> <hr> <br> Either Pod or Container should set &#39;securityContext.seccompProfile.type&#39; to &#39;RuntimeDefault&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv030">https://avd.aquasec.com/misconfig/ksv030</a><br></details> |
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | <details><summary>Expand...</summary> The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. <br> <hr> <br> Either Pod or Container should set &#39;securityContext.seccompProfile.type&#39; to &#39;RuntimeDefault&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv030">https://avd.aquasec.com/misconfig/ksv030</a><br></details> |
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root UID. <br> <hr> <br> securityContext.runAsUser should be set to a value greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv105">https://avd.aquasec.com/misconfig/ksv105</a><br></details> |
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root UID. <br> <hr> <br> securityContext.runAsUser should be set to a value greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv105">https://avd.aquasec.com/misconfig/ksv105</a><br></details> |
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
tccr.io/truecharts/htpcmanager:v2021.11.17
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
**alpine**
| No Vulnerabilities found |
|:---------------------------------|
#### Container: tccr.io/truecharts/htpcmanager:v2021.11.17 (alpine 3.13)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| expat | CVE-2022-22822 | CRITICAL | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22822">https://access.redhat.com/security/cve/CVE-2022-22822</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22822.html">https://linux.oracle.com/cve/CVE-2022-22822.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22822">https://nvd.nist.gov/vuln/detail/CVE-2022-22822</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-22823 | CRITICAL | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22823">https://access.redhat.com/security/cve/CVE-2022-22823</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22823.html">https://linux.oracle.com/cve/CVE-2022-22823.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22823">https://nvd.nist.gov/vuln/detail/CVE-2022-22823</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-22824 | CRITICAL | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22824">https://access.redhat.com/security/cve/CVE-2022-22824</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22824.html">https://linux.oracle.com/cve/CVE-2022-22824.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22824">https://nvd.nist.gov/vuln/detail/CVE-2022-22824</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-23852 | CRITICAL | 2.2.10-r1 | 2.2.10-r3 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-23852">https://access.redhat.com/security/cve/CVE-2022-23852</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852</a><br><a href="https://github.com/libexpat/libexpat/pull/550">https://github.com/libexpat/libexpat/pull/550</a><br><a href="https://linux.oracle.com/cve/CVE-2022-23852.html">https://linux.oracle.com/cve/CVE-2022-23852.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23852">https://nvd.nist.gov/vuln/detail/CVE-2022-23852</a><br><a href="https://security.netapp.com/advisory/ntap-20220217-0001/">https://security.netapp.com/advisory/ntap-20220217-0001/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-23990 | CRITICAL | 2.2.10-r1 | 2.2.10-r3 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-23990">https://access.redhat.com/security/cve/CVE-2022-23990</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990</a><br><a href="https://github.com/libexpat/libexpat/pull/551">https://github.com/libexpat/libexpat/pull/551</a><br><a href="https://linux.oracle.com/cve/CVE-2022-23990.html">https://linux.oracle.com/cve/CVE-2022-23990.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9232.html">https://linux.oracle.com/errata/ELSA-2022-9232.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23990">https://nvd.nist.gov/vuln/detail/CVE-2022-23990</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-25235 | CRITICAL | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25235">https://access.redhat.com/security/cve/CVE-2022-25235</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235</a><br><a href="https://github.com/libexpat/libexpat/pull/562">https://github.com/libexpat/libexpat/pull/562</a><br><a href="https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)">https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)</a><br><a href="https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)">https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)</a><br><a href="https://linux.oracle.com/cve/CVE-2022-25235.html">https://linux.oracle.com/cve/CVE-2022-25235.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9359.html">https://linux.oracle.com/errata/ELSA-2022-9359.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25235">https://nvd.nist.gov/vuln/detail/CVE-2022-25235</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| expat | CVE-2022-25236 | CRITICAL | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html">http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html</a><br><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25236">https://access.redhat.com/security/cve/CVE-2022-25236</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236</a><br><a href="https://github.com/libexpat/libexpat/pull/561">https://github.com/libexpat/libexpat/pull/561</a><br><a href="https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)">https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)</a><br><a href="https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)">https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)</a><br><a href="https://github.com/libexpat/libexpat/pull/577">https://github.com/libexpat/libexpat/pull/577</a><br><a href="https://linux.oracle.com/cve/CVE-2022-25236.html">https://linux.oracle.com/cve/CVE-2022-25236.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9359.html">https://linux.oracle.com/errata/ELSA-2022-9359.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25236">https://nvd.nist.gov/vuln/detail/CVE-2022-25236</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| expat | CVE-2022-25315 | CRITICAL | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25315">https://access.redhat.com/security/cve/CVE-2022-25315</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315</a><br><a href="https://github.com/libexpat/libexpat/pull/559">https://github.com/libexpat/libexpat/pull/559</a><br><a href="https://linux.oracle.com/cve/CVE-2022-25315.html">https://linux.oracle.com/cve/CVE-2022-25315.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9359.html">https://linux.oracle.com/errata/ELSA-2022-9359.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25315">https://nvd.nist.gov/vuln/detail/CVE-2022-25315</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5320-1">https://ubuntu.com/security/notices/USN-5320-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| expat | CVE-2021-45960 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-45960">https://access.redhat.com/security/cve/CVE-2021-45960</a><br><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1217609">https://bugzilla.mozilla.org/show_bug.cgi?id=1217609</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960</a><br><a href="https://github.com/libexpat/libexpat/issues/531">https://github.com/libexpat/libexpat/issues/531</a><br><a href="https://github.com/libexpat/libexpat/pull/534">https://github.com/libexpat/libexpat/pull/534</a><br><a href="https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea">https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea</a><br><a href="https://linux.oracle.com/cve/CVE-2021-45960.html">https://linux.oracle.com/cve/CVE-2021-45960.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-45960">https://nvd.nist.gov/vuln/detail/CVE-2021-45960</a><br><a href="https://security.netapp.com/advisory/ntap-20220121-0004/">https://security.netapp.com/advisory/ntap-20220121-0004/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2021-46143 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-46143">https://access.redhat.com/security/cve/CVE-2021-46143</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143</a><br><a href="https://github.com/libexpat/libexpat/issues/532">https://github.com/libexpat/libexpat/issues/532</a><br><a href="https://github.com/libexpat/libexpat/pull/538">https://github.com/libexpat/libexpat/pull/538</a><br><a href="https://linux.oracle.com/cve/CVE-2021-46143.html">https://linux.oracle.com/cve/CVE-2021-46143.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9227.html">https://linux.oracle.com/errata/ELSA-2022-9227.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-46143">https://nvd.nist.gov/vuln/detail/CVE-2021-46143</a><br><a href="https://security.netapp.com/advisory/ntap-20220121-0006/">https://security.netapp.com/advisory/ntap-20220121-0006/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-22825 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22825">https://access.redhat.com/security/cve/CVE-2022-22825</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22825.html">https://linux.oracle.com/cve/CVE-2022-22825.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22825">https://nvd.nist.gov/vuln/detail/CVE-2022-22825</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-22826 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22826">https://access.redhat.com/security/cve/CVE-2022-22826</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22826.html">https://linux.oracle.com/cve/CVE-2022-22826.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22826">https://nvd.nist.gov/vuln/detail/CVE-2022-22826</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-22827 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22827">https://access.redhat.com/security/cve/CVE-2022-22827</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22827.html">https://linux.oracle.com/cve/CVE-2022-22827.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22827">https://nvd.nist.gov/vuln/detail/CVE-2022-22827</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
| expat | CVE-2022-25314 | HIGH | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25314">https://access.redhat.com/security/cve/CVE-2022-25314</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314</a><br><a href="https://github.com/libexpat/libexpat/pull/560">https://github.com/libexpat/libexpat/pull/560</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25314">https://nvd.nist.gov/vuln/detail/CVE-2022-25314</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5320-1">https://ubuntu.com/security/notices/USN-5320-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| expat | CVE-2022-25313 | MEDIUM | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25313">https://access.redhat.com/security/cve/CVE-2022-25313</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313</a><br><a href="https://github.com/libexpat/libexpat/pull/558">https://github.com/libexpat/libexpat/pull/558</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25313">https://nvd.nist.gov/vuln/detail/CVE-2022-25313</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5320-1">https://ubuntu.com/security/notices/USN-5320-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| freetype | CVE-2022-27404 | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27404">https://access.redhat.com/security/cve/CVE-2022-27404</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db">https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27404">https://nvd.nist.gov/vuln/detail/CVE-2022-27404</a><br></details> |
| freetype | CVE-2022-27405 | HIGH | 2.10.4-r1 | 2.10.4-r3 | <details><summary>Expand...</summary><a href="http://freetype.com">http://freetype.com</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-27405">https://access.redhat.com/security/cve/CVE-2022-27405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5">https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27405">https://nvd.nist.gov/vuln/detail/CVE-2022-27405</a><br></details> |
| freetype | CVE-2022-27406 | HIGH | 2.10.4-r1 | 2.10.4-r3 | <details><summary>Expand...</summary><a href="http://freetype.com">http://freetype.com</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-27406">https://access.redhat.com/security/cve/CVE-2022-27406</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2">https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27406">https://nvd.nist.gov/vuln/detail/CVE-2022-27406</a><br><a href="https://ubuntu.com/security/notices/USN-5453-1">https://ubuntu.com/security/notices/USN-5453-1</a><br></details> |
| git | CVE-2022-24765 | HIGH | 2.30.2-r0 | 2.30.3-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/31">http://seclists.org/fulldisclosure/2022/May/31</a><br><a href="http://www.openwall.com/lists/oss-security/2022/04/12/7">http://www.openwall.com/lists/oss-security/2022/04/12/7</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-24765">https://access.redhat.com/security/cve/CVE-2022-24765</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765</a><br><a href="https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash">https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash</a><br><a href="https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode">https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode</a><br><a href="https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2">https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/</a><br><a href="https://support.apple.com/kb/HT213261">https://support.apple.com/kb/HT213261</a><br><a href="https://ubuntu.com/security/notices/USN-5376-1">https://ubuntu.com/security/notices/USN-5376-1</a><br><a href="https://ubuntu.com/security/notices/USN-5376-2">https://ubuntu.com/security/notices/USN-5376-2</a><br><a href="https://ubuntu.com/security/notices/USN-5376-3">https://ubuntu.com/security/notices/USN-5376-3</a><br></details> |
| libcrypto1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html">http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html</a><br><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-0778">https://access.redhat.com/security/cve/CVE-2022-0778</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf</a><br><a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1065.html">https://errata.almalinux.org/8/ALSA-2022-1065.html</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0778.html">https://linux.oracle.com/cve/CVE-2022-0778.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9272.html">https://linux.oracle.com/errata/ELSA-2022-9272.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0778">https://nvd.nist.gov/vuln/detail/CVE-2022-0778</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0014.html">https://rustsec.org/advisories/RUSTSEC-2022-0014.html</a><br><a href="https://security.netapp.com/advisory/ntap-20220321-0002/">https://security.netapp.com/advisory/ntap-20220321-0002/</a><br><a href="https://security.netapp.com/advisory/ntap-20220429-0005/">https://security.netapp.com/advisory/ntap-20220429-0005/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5328-1">https://ubuntu.com/security/notices/USN-5328-1</a><br><a href="https://ubuntu.com/security/notices/USN-5328-2">https://ubuntu.com/security/notices/USN-5328-2</a><br><a href="https://www.debian.org/security/2022/dsa-5103">https://www.debian.org/security/2022/dsa-5103</a><br><a href="https://www.openssl.org/news/secadv/20220315.txt">https://www.openssl.org/news/secadv/20220315.txt</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-06">https://www.tenable.com/security/tns-2022-06</a><br><a href="https://www.tenable.com/security/tns-2022-07">https://www.tenable.com/security/tns-2022-07</a><br><a href="https://www.tenable.com/security/tns-2022-08">https://www.tenable.com/security/tns-2022-08</a><br><a href="https://www.tenable.com/security/tns-2022-09">https://www.tenable.com/security/tns-2022-09</a><br></details> |
| libcurl | CVE-2022-22576 | HIGH | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22576">https://nvd.nist.gov/vuln/detail/CVE-2022-22576</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27775 | HIGH | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://hackerone.com/reports/1546268">https://hackerone.com/reports/1546268</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27775">https://nvd.nist.gov/vuln/detail/CVE-2022-27775</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27774 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27774">https://nvd.nist.gov/vuln/detail/CVE-2022-27774</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27776 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27776">https://nvd.nist.gov/vuln/detail/CVE-2022-27776</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html">http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html</a><br><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-0778">https://access.redhat.com/security/cve/CVE-2022-0778</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf</a><br><a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1065.html">https://errata.almalinux.org/8/ALSA-2022-1065.html</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0778.html">https://linux.oracle.com/cve/CVE-2022-0778.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9272.html">https://linux.oracle.com/errata/ELSA-2022-9272.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0778">https://nvd.nist.gov/vuln/detail/CVE-2022-0778</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0014.html">https://rustsec.org/advisories/RUSTSEC-2022-0014.html</a><br><a href="https://security.netapp.com/advisory/ntap-20220321-0002/">https://security.netapp.com/advisory/ntap-20220321-0002/</a><br><a href="https://security.netapp.com/advisory/ntap-20220429-0005/">https://security.netapp.com/advisory/ntap-20220429-0005/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5328-1">https://ubuntu.com/security/notices/USN-5328-1</a><br><a href="https://ubuntu.com/security/notices/USN-5328-2">https://ubuntu.com/security/notices/USN-5328-2</a><br><a href="https://www.debian.org/security/2022/dsa-5103">https://www.debian.org/security/2022/dsa-5103</a><br><a href="https://www.openssl.org/news/secadv/20220315.txt">https://www.openssl.org/news/secadv/20220315.txt</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-06">https://www.tenable.com/security/tns-2022-06</a><br><a href="https://www.tenable.com/security/tns-2022-07">https://www.tenable.com/security/tns-2022-07</a><br><a href="https://www.tenable.com/security/tns-2022-08">https://www.tenable.com/security/tns-2022-08</a><br><a href="https://www.tenable.com/security/tns-2022-09">https://www.tenable.com/security/tns-2022-09</a><br></details> |
| pcre2 | CVE-2022-1586 | CRITICAL | 10.36-r0 | 10.36-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1586">https://access.redhat.com/security/cve/CVE-2022-1586</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077976,">https://bugzilla.redhat.com/show_bug.cgi?id=2077976,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,">https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c">https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1586">https://nvd.nist.gov/vuln/detail/CVE-2022-1586</a><br></details> |
| pcre2 | CVE-2022-1587 | CRITICAL | 10.36-r0 | 10.36-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1587">https://access.redhat.com/security/cve/CVE-2022-1587</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077983,">https://bugzilla.redhat.com/show_bug.cgi?id=2077983,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0">https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1587">https://nvd.nist.gov/vuln/detail/CVE-2022-1587</a><br></details> |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| xz | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1271">https://access.redhat.com/security/cve/CVE-2022-1271</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1537.html">https://errata.almalinux.org/8/ALSA-2022-1537.html</a><br><a href="https://linux.oracle.com/cve/CVE-2022-1271.html">https://linux.oracle.com/cve/CVE-2022-1271.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-5052.html">https://linux.oracle.com/errata/ELSA-2022-5052.html</a><br><a href="https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html">https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html</a><br><a href="https://ubuntu.com/security/notices/USN-5378-1">https://ubuntu.com/security/notices/USN-5378-1</a><br><a href="https://ubuntu.com/security/notices/USN-5378-2">https://ubuntu.com/security/notices/USN-5378-2</a><br><a href="https://ubuntu.com/security/notices/USN-5378-3">https://ubuntu.com/security/notices/USN-5378-3</a><br><a href="https://ubuntu.com/security/notices/USN-5378-4">https://ubuntu.com/security/notices/USN-5378-4</a><br><a href="https://www.openwall.com/lists/oss-security/2022/04/07/8">https://www.openwall.com/lists/oss-security/2022/04/07/8</a><br></details> |
| xz-libs | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1271">https://access.redhat.com/security/cve/CVE-2022-1271</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1537.html">https://errata.almalinux.org/8/ALSA-2022-1537.html</a><br><a href="https://linux.oracle.com/cve/CVE-2022-1271.html">https://linux.oracle.com/cve/CVE-2022-1271.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-5052.html">https://linux.oracle.com/errata/ELSA-2022-5052.html</a><br><a href="https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html">https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html</a><br><a href="https://ubuntu.com/security/notices/USN-5378-1">https://ubuntu.com/security/notices/USN-5378-1</a><br><a href="https://ubuntu.com/security/notices/USN-5378-2">https://ubuntu.com/security/notices/USN-5378-2</a><br><a href="https://ubuntu.com/security/notices/USN-5378-3">https://ubuntu.com/security/notices/USN-5378-3</a><br><a href="https://ubuntu.com/security/notices/USN-5378-4">https://ubuntu.com/security/notices/USN-5378-4</a><br><a href="https://www.openwall.com/lists/oss-security/2022/04/07/8">https://www.openwall.com/lists/oss-security/2022/04/07/8</a><br></details> |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-2201.html">https://errata.almalinux.org/8/ALSA-2022-2201.html</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2213.html">https://linux.oracle.com/errata/ELSA-2022-2213.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://security.netapp.com/advisory/ntap-20220526-0009/">https://security.netapp.com/advisory/ntap-20220526-0009/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://ubuntu.com/security/notices/USN-5359-2">https://ubuntu.com/security/notices/USN-5359-2</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
**python-pkg**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| Pillow | CVE-2022-22817 | CRITICAL | 8.4.0 | 9.0.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22817">https://access.redhat.com/security/cve/CVE-2022-22817</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817</a><br><a href="https://github.com/advisories/GHSA-8vj2-vxx3-667w">https://github.com/advisories/GHSA-8vj2-vxx3-667w</a><br><a href="https://github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11">https://github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22817.html">https://linux.oracle.com/cve/CVE-2022-22817.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0643.html">https://linux.oracle.com/errata/ELSA-2022-0643.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22817">https://nvd.nist.gov/vuln/detail/CVE-2022-22817</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security</a><br><a href="https://ubuntu.com/security/notices/USN-5227-1">https://ubuntu.com/security/notices/USN-5227-1</a><br><a href="https://ubuntu.com/security/notices/USN-5227-2">https://ubuntu.com/security/notices/USN-5227-2</a><br><a href="https://www.debian.org/security/2022/dsa-5053">https://www.debian.org/security/2022/dsa-5053</a><br></details> |
| Pillow | CVE-2022-24303 | CRITICAL | 8.4.0 | 9.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24303">https://access.redhat.com/security/cve/CVE-2022-24303</a><br><a href="https://github.com/advisories/GHSA-9j59-75qj-795w">https://github.com/advisories/GHSA-9j59-75qj-795w</a><br><a href="https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2022-168.yaml">https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2022-168.yaml</a><br><a href="https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26">https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26</a><br><a href="https://github.com/python-pillow/Pillow/pull/3450">https://github.com/python-pillow/Pillow/pull/3450</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W4ZUXPKEX72O3E5IHBPVY5ZCPMJ4GHHV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W4ZUXPKEX72O3E5IHBPVY5ZCPMJ4GHHV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XR6UP2XONXOVXI4446VY72R63YRO2YTP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XR6UP2XONXOVXI4446VY72R63YRO2YTP/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-24303">https://nvd.nist.gov/vuln/detail/CVE-2022-24303</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security</a><br></details> |
| Pillow | CVE-2022-22815 | MEDIUM | 8.4.0 | 9.0.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22815">https://access.redhat.com/security/cve/CVE-2022-22815</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815</a><br><a href="https://github.com/advisories/GHSA-pw3c-h7wp-cvhx">https://github.com/advisories/GHSA-pw3c-h7wp-cvhx</a><br><a href="https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331">https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331</a><br><a href="https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c">https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22815">https://nvd.nist.gov/vuln/detail/CVE-2022-22815</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling</a><br><a href="https://ubuntu.com/security/notices/USN-5227-1">https://ubuntu.com/security/notices/USN-5227-1</a><br><a href="https://ubuntu.com/security/notices/USN-5227-2">https://ubuntu.com/security/notices/USN-5227-2</a><br><a href="https://www.debian.org/security/2022/dsa-5053">https://www.debian.org/security/2022/dsa-5053</a><br></details> |
| Pillow | CVE-2022-22816 | MEDIUM | 8.4.0 | 9.0.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22816">https://access.redhat.com/security/cve/CVE-2022-22816</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816</a><br><a href="https://github.com/advisories/GHSA-xrcv-f9gm-v42c">https://github.com/advisories/GHSA-xrcv-f9gm-v42c</a><br><a href="https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331">https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22816.html">https://linux.oracle.com/cve/CVE-2022-22816.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0643.html">https://linux.oracle.com/errata/ELSA-2022-0643.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html">https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22816">https://nvd.nist.gov/vuln/detail/CVE-2022-22816</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling</a><br><a href="https://ubuntu.com/security/notices/USN-5227-1">https://ubuntu.com/security/notices/USN-5227-1</a><br><a href="https://ubuntu.com/security/notices/USN-5227-2">https://ubuntu.com/security/notices/USN-5227-2</a><br><a href="https://www.debian.org/security/2022/dsa-5053">https://www.debian.org/security/2022/dsa-5053</a><br></details> |
| Pillow | GHSA-4fx9-vc88-q2xc | LOW | 8.4.0 | 9.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-4fx9-vc88-q2xc">https://github.com/advisories/GHSA-4fx9-vc88-q2xc</a><br><a href="https://github.com/python-pillow/Pillow/commit/baae9ec4b67c68e3adaf1208cf54e8de5e38a6fd">https://github.com/python-pillow/Pillow/commit/baae9ec4b67c68e3adaf1208cf54e8de5e38a6fd</a><br><a href="https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#ensure-jpegimageplugin-stops-at-the-end-of-a-truncated-file">https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#ensure-jpegimageplugin-stops-at-the-end-of-a-truncated-file</a><br></details> |
| paramiko | CVE-2022-24302 | MEDIUM | 2.8.0 | 2.10.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24302">https://access.redhat.com/security/cve/CVE-2022-24302</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24302">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24302</a><br><a href="https://github.com/advisories/GHSA-f8q4-jwww-x3wv">https://github.com/advisories/GHSA-f8q4-jwww-x3wv</a><br><a href="https://github.com/paramiko/paramiko/blob/363a28d94cada17f012c1604a3c99c71a2bda003/paramiko/pkey.py#L546">https://github.com/paramiko/paramiko/blob/363a28d94cada17f012c1604a3c99c71a2bda003/paramiko/pkey.py#L546</a><br><a href="https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e">https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e</a><br><a href="https://github.com/paramiko/paramiko/releases/tag/2.10.1">https://github.com/paramiko/paramiko/releases/tag/2.10.1</a><br><a href="https://github.com/pypa/advisory-database/tree/main/vulns/paramiko/PYSEC-2022-166.yaml">https://github.com/pypa/advisory-database/tree/main/vulns/paramiko/PYSEC-2022-166.yaml</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00032.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00032.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LUEUEGILZ7MQXRSUF5VMMO4SWJQVPTQL/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LUEUEGILZ7MQXRSUF5VMMO4SWJQVPTQL/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPMKRUS4HO3P7NR7P4Y6CLHB4MBEE3AI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPMKRUS4HO3P7NR7P4Y6CLHB4MBEE3AI/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U63MJ2VOLLQ35R7CYNREUHSXYLWNPVSB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U63MJ2VOLLQ35R7CYNREUHSXYLWNPVSB/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-24302">https://nvd.nist.gov/vuln/detail/CVE-2022-24302</a><br><a href="https://ubuntu.com/security/notices/USN-5351-1">https://ubuntu.com/security/notices/USN-5351-1</a><br><a href="https://ubuntu.com/security/notices/USN-5351-2">https://ubuntu.com/security/notices/USN-5351-2</a><br><a href="https://www.paramiko.org/changelog.html">https://www.paramiko.org/changelog.html</a><br></details> |
**cargo**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| chrono | RUSTSEC-2020-0159 | UNKNOWN | 0.4.19 | | <details><summary>Expand...</summary><a href="https://crates.io/crates/chrono">https://crates.io/crates/chrono</a><br><a href="https://github.com/chronotope/chrono/issues/499">https://github.com/chronotope/chrono/issues/499</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2020-0159.html">https://rustsec.org/advisories/RUSTSEC-2020-0159.html</a><br></details> |
**cargo**
| No Vulnerabilities found |
|:---------------------------------|
**cargo**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| crossbeam-deque | CVE-2021-32810 | CRITICAL | 0.7.3 | 0.7.4, 0.8.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38496.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38496.json</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38500.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38500.json</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-32810">https://access.redhat.com/security/cve/CVE-2021-32810</a><br><a href="https://crates.io/crates/crossbeam-deque">https://crates.io/crates/crossbeam-deque</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810</a><br><a href="https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw">https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw</a><br><a href="https://linux.oracle.com/cve/CVE-2021-32810.html">https://linux.oracle.com/cve/CVE-2021-32810.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3841.html">https://linux.oracle.com/errata/ELSA-2021-3841.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2021-0093.html">https://rustsec.org/advisories/RUSTSEC-2021-0093.html</a><br><a href="https://ubuntu.com/security/notices/USN-5132-1">https://ubuntu.com/security/notices/USN-5132-1</a><br><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-32810">https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-32810</a><br></details> |
| regex | CVE-2022-24713 | HIGH | 1.3.9 | 1.5.5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24713">https://access.redhat.com/security/cve/CVE-2022-24713</a><br><a href="https://crates.io/crates/regex">https://crates.io/crates/regex</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713</a><br><a href="https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e">https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e</a><br><a href="https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8">https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8</a><br><a href="https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw">https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw</a><br><a href="https://linux.oracle.com/cve/CVE-2022-24713.html">https://linux.oracle.com/cve/CVE-2022-24713.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1302.html">https://linux.oracle.com/errata/ELSA-2022-1302.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0013.html">https://rustsec.org/advisories/RUSTSEC-2022-0013.html</a><br><a href="https://ubuntu.com/security/notices/USN-5370-1">https://ubuntu.com/security/notices/USN-5370-1</a><br><a href="https://www.debian.org/security/2022/dsa-5113">https://www.debian.org/security/2022/dsa-5113</a><br><a href="https://www.debian.org/security/2022/dsa-5118">https://www.debian.org/security/2022/dsa-5118</a><br><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/">https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/</a><br></details> |
**cargo**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| regex | CVE-2022-24713 | HIGH | 1.2.0 | 1.5.5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24713">https://access.redhat.com/security/cve/CVE-2022-24713</a><br><a href="https://crates.io/crates/regex">https://crates.io/crates/regex</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713</a><br><a href="https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e">https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e</a><br><a href="https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8">https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8</a><br><a href="https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw">https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw</a><br><a href="https://linux.oracle.com/cve/CVE-2022-24713.html">https://linux.oracle.com/cve/CVE-2022-24713.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1302.html">https://linux.oracle.com/errata/ELSA-2022-1302.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0013.html">https://rustsec.org/advisories/RUSTSEC-2022-0013.html</a><br><a href="https://ubuntu.com/security/notices/USN-5370-1">https://ubuntu.com/security/notices/USN-5370-1</a><br><a href="https://www.debian.org/security/2022/dsa-5113">https://www.debian.org/security/2022/dsa-5113</a><br><a href="https://www.debian.org/security/2022/dsa-5118">https://www.debian.org/security/2022/dsa-5118</a><br><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/">https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/</a><br></details> |
| thread_local | RUSTSEC-2022-0006 | UNKNOWN | 0.3.6 | 1.1.4 | <details><summary>Expand...</summary><a href="https://crates.io/crates/thread_local">https://crates.io/crates/thread_local</a><br><a href="https://github.com/Amanieu/thread_local-rs/issues/33">https://github.com/Amanieu/thread_local-rs/issues/33</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0006.html">https://rustsec.org/advisories/RUSTSEC-2022-0006.html</a><br></details> |
**cargo**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| regex | CVE-2022-24713 | HIGH | 1.5.4 | 1.5.5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24713">https://access.redhat.com/security/cve/CVE-2022-24713</a><br><a href="https://crates.io/crates/regex">https://crates.io/crates/regex</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713</a><br><a href="https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e">https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e</a><br><a href="https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8">https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8</a><br><a href="https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw">https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw</a><br><a href="https://linux.oracle.com/cve/CVE-2022-24713.html">https://linux.oracle.com/cve/CVE-2022-24713.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1302.html">https://linux.oracle.com/errata/ELSA-2022-1302.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0013.html">https://rustsec.org/advisories/RUSTSEC-2022-0013.html</a><br><a href="https://ubuntu.com/security/notices/USN-5370-1">https://ubuntu.com/security/notices/USN-5370-1</a><br><a href="https://www.debian.org/security/2022/dsa-5113">https://www.debian.org/security/2022/dsa-5113</a><br><a href="https://www.debian.org/security/2022/dsa-5118">https://www.debian.org/security/2022/dsa-5118</a><br><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/">https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/</a><br></details> |
**cargo**
| No Vulnerabilities found |
|:---------------------------------|
****
| No Vulnerabilities found |
|:---------------------------------|
View Git Blame Copy Permalink