TrueChartsClone/charts/stable/minio/security.md

79 KiB
Raw Blame History

hide
toc

Security Overview

Helm-Chart

Scan Results

Chart Object: minio/templates/common.yaml

Type Misconfiguration ID Check Severity Explaination Links
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv012
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/misconfig/ksv014
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/misconfig/ksv014
Kubernetes Security Check KSV017 Privileged container HIGH
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.privileged' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/misconfig/ksv017
Kubernetes Security Check KSV020 Runs with low user ID LOW
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
Kubernetes Security Check KSV020 Runs with low user ID LOW
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
Kubernetes Security Check KSV021 Runs with low group ID LOW
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
Kubernetes Security Check KSV021 Runs with low group ID LOW
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
Kubernetes Security Check KSV030 Default Seccomp profile not set LOW
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.


Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
Kubernetes Security Check KSV030 Default Seccomp profile not set LOW
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.


Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
Kubernetes Security Check KSV105 Containers must not set runAsUser to 0 LOW
Expand... Containers should be forbidden from running with a root UID.


securityContext.runAsUser should be set to a value greater than 0
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv105
Kubernetes Security Check KSV106 Container capabilities must only include NET_BIND_SERVICE LOW
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.


container should drop all
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106
Kubernetes Security Check KSV106 Container capabilities must only include NET_BIND_SERVICE LOW
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.


container should drop all
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106

Containers

Detected Containers
      tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
      tccr.io/truecharts/minio:latest@sha256:59c95a314afd4e9a6a3b6f3f28801f42faa5d45a5468719a4ca2f346b28bc25b
Scan Results

Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
curl CVE-2022-32205 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32205
https://curl.se/docs/CVE-2022-32205.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
https://ubuntu.com/security/notices/USN-5495-1
curl CVE-2022-32206 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32206
https://curl.se/docs/CVE-2022-32206.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
https://ubuntu.com/security/notices/USN-5495-1
curl CVE-2022-32207 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32207
https://curl.se/docs/CVE-2022-32207.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
https://ubuntu.com/security/notices/USN-5495-1
curl CVE-2022-32208 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32208
https://curl.se/docs/CVE-2022-32208.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
https://ubuntu.com/security/notices/USN-5495-1
libcurl CVE-2022-32205 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32205
https://curl.se/docs/CVE-2022-32205.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
https://ubuntu.com/security/notices/USN-5495-1
libcurl CVE-2022-32206 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32206
https://curl.se/docs/CVE-2022-32206.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
https://ubuntu.com/security/notices/USN-5495-1
libcurl CVE-2022-32207 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32207
https://curl.se/docs/CVE-2022-32207.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
https://ubuntu.com/security/notices/USN-5495-1
libcurl CVE-2022-32208 MEDIUM 7.83.1-r1 7.83.1-r2
Expand...https://access.redhat.com/security/cve/CVE-2022-32208
https://curl.se/docs/CVE-2022-32208.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
https://ubuntu.com/security/notices/USN-5495-1

Container: tccr.io/truecharts/minio:latest@sha256:59c95a314afd4e9a6a3b6f3f28801f42faa5d45a5468719a4ca2f346b28bc25b (redhat 8.6)

redhat

Package Vulnerability Severity Installed Version Fixed Version Links
bzip2-libs CVE-2019-12900 LOW 1.0.6-26.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html
http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
https://access.redhat.com/security/cve/CVE-2019-12900
https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2019-12900
https://seclists.org/bugtraq/2019/Aug/4
https://seclists.org/bugtraq/2019/Jul/22
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4038-1
https://ubuntu.com/security/notices/USN-4038-2
https://ubuntu.com/security/notices/USN-4038-3
https://ubuntu.com/security/notices/USN-4038-4
https://ubuntu.com/security/notices/USN-4146-1
https://ubuntu.com/security/notices/USN-4146-2
https://usn.ubuntu.com/4038-1/
https://usn.ubuntu.com/4038-2/
https://usn.ubuntu.com/4146-1/
https://usn.ubuntu.com/4146-2/
https://www.oracle.com/security-alerts/cpuoct2020.html
curl CVE-2022-32206 MEDIUM 7.61.1-22.el8_6.3
Expand...https://access.redhat.com/security/cve/CVE-2022-32206
https://curl.se/docs/CVE-2022-32206.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
https://ubuntu.com/security/notices/USN-5495-1
curl CVE-2022-32208 MEDIUM 7.61.1-22.el8_6.3
Expand...https://access.redhat.com/security/cve/CVE-2022-32208
https://curl.se/docs/CVE-2022-32208.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
https://ubuntu.com/security/notices/USN-5495-1
file-libs CVE-2019-8905 LOW 5.33-20.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
http://www.securityfocus.com/bid/107137
https://access.redhat.com/security/cve/CVE-2019-8905
https://bugs.astron.com/view.php?id=63
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905
https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
https://ubuntu.com/security/notices/USN-3911-1
https://usn.ubuntu.com/3911-1/
file-libs CVE-2019-8906 LOW 5.33-20.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
https://access.redhat.com/security/cve/CVE-2019-8906
https://bugs.astron.com/view.php?id=64
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906
https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f
https://support.apple.com/kb/HT209599
https://support.apple.com/kb/HT209600
https://support.apple.com/kb/HT209601
https://support.apple.com/kb/HT209602
https://ubuntu.com/security/notices/USN-3911-1
https://usn.ubuntu.com/3911-1/
glib2 CVE-2018-16428 LOW 2.56.4-158.el8
Expand...http://www.openwall.com/lists/oss-security/2020/02/14/3
http://www.securityfocus.com/bid/105210
https://access.redhat.com/security/cve/CVE-2018-16428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428
https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9
https://gitlab.gnome.org/GNOME/glib/issues/1364
https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html
https://ubuntu.com/security/notices/USN-3767-1
https://ubuntu.com/security/notices/USN-3767-2
https://usn.ubuntu.com/3767-1/
https://usn.ubuntu.com/3767-2/
gmp CVE-2021-43618 LOW 1:6.1.2-10.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618
gnutls CVE-2021-4209 LOW 3.6.16-4.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-4209
krb5-libs CVE-2020-17049 MEDIUM 1.18.2-14.el8
Expand...http://www.openwall.com/lists/oss-security/2021/11/10/3
https://access.redhat.com/security/cve/CVE-2020-17049
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049
libarchive CVE-2020-21674 MEDIUM 3.3.3-3.el8_5
Expand...https://access.redhat.com/security/cve/CVE-2020-21674
https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4
https://github.com/libarchive/libarchive/issues/1298
libarchive CVE-2017-14166 LOW 3.3.3-3.el8_5
Expand...http://www.openwall.com/lists/oss-security/2017/09/06/5
https://access.redhat.com/security/cve/CVE-2017-14166
https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html
https://security.gentoo.org/glsa/201908-11
https://ubuntu.com/security/notices/USN-3736-1
https://usn.ubuntu.com/3736-1/
https://www.debian.org/security/2018/dsa-4360
libarchive CVE-2017-14501 LOW 3.3.3-3.el8_5
Expand...https://access.redhat.com/security/cve/CVE-2017-14501
https://bugs.debian.org/875966
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
https://github.com/libarchive/libarchive/issues/949
https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html
https://security.gentoo.org/glsa/201908-11
https://ubuntu.com/security/notices/USN-3736-1
https://usn.ubuntu.com/3736-1/
https://www.debian.org/security/2018/dsa-4360
libarchive CVE-2018-1000879 LOW 3.3.3-3.el8_5
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html
http://www.securityfocus.com/bid/106324
https://access.redhat.com/security/cve/CVE-2018-1000879
https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
https://github.com/libarchive/libarchive/pull/1105
https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/
libarchive CVE-2018-1000880 LOW 3.3.3-3.el8_5
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html
http://www.securityfocus.com/bid/106324
https://access.redhat.com/security/cve/CVE-2018-1000880
https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
https://github.com/libarchive/libarchive/pull/1105
https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/
https://ubuntu.com/security/notices/USN-3859-1
https://usn.ubuntu.com/3859-1/
https://www.debian.org/security/2018/dsa-4360
libcom_err CVE-2022-1304 MEDIUM 1.45.6-4.el8
Expand...https://access.redhat.com/security/cve/CVE-2022-1304
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://marc.info/?l=linux-ext4&m=165056234501732&w=2
https://nvd.nist.gov/vuln/detail/CVE-2022-1304
https://ubuntu.com/security/notices/USN-5464-1
libcurl CVE-2022-32206 MEDIUM 7.61.1-22.el8_6.3
Expand...https://access.redhat.com/security/cve/CVE-2022-32206
https://curl.se/docs/CVE-2022-32206.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
https://ubuntu.com/security/notices/USN-5495-1
libcurl CVE-2022-32208 MEDIUM 7.61.1-22.el8_6.3
Expand...https://access.redhat.com/security/cve/CVE-2022-32208
https://curl.se/docs/CVE-2022-32208.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
https://ubuntu.com/security/notices/USN-5495-1
libgcc CVE-2021-42694 MEDIUM 8.5.0-10.1.el8_6
Expand...http://www.openwall.com/lists/oss-security/2021/11/01/1
http://www.openwall.com/lists/oss-security/2021/11/01/6
http://www.unicode.org/versions/Unicode14.0.0/
https://access.redhat.com/security/cve/CVE-2021-42694
https://cwe.mitre.org/data/definitions/1007.html
https://trojansource.codes
https://trojansource.codes/
https://www.kb.cert.org/vuls/id/999008
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://www.scyon.nl/post/trojans-in-your-source-code
https://www.unicode.org/reports/tr36/
https://www.unicode.org/reports/tr36/#Canonical_Represenation
https://www.unicode.org/reports/tr39/
libgcc CVE-2022-27943 MEDIUM 8.5.0-10.1.el8_6
Expand...https://access.redhat.com/security/cve/CVE-2022-27943
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039
https://sourceware.org/bugzilla/show_bug.cgi?id=28995
libgcc CVE-2018-20657 LOW 8.5.0-10.1.el8_6
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
libgcc CVE-2019-14250 LOW 8.5.0-10.1.el8_6
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html
http://www.securityfocus.com/bid/109354
https://access.redhat.com/security/cve/CVE-2019-14250
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
https://nvd.nist.gov/vuln/detail/CVE-2019-14250
https://security.gentoo.org/glsa/202007-39
https://security.netapp.com/advisory/ntap-20190822-0002/
https://ubuntu.com/security/notices/USN-4326-1
https://ubuntu.com/security/notices/USN-4336-1
https://ubuntu.com/security/notices/USN-4336-2
https://usn.ubuntu.com/4326-1/
https://usn.ubuntu.com/4336-1/
libgcrypt CVE-2019-12904 MEDIUM 1.8.5-7.el8_6
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html
https://access.redhat.com/security/cve/CVE-2019-12904
https://dev.gnupg.org/T4541
https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html
libsolv CVE-2021-44568 MEDIUM 0.7.20-1.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-44568
https://github.com/openSUSE/libsolv/issues/425
https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1940
https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_dependencies-1995
libstdc++ CVE-2021-42694 MEDIUM 8.5.0-10.1.el8_6
Expand...http://www.openwall.com/lists/oss-security/2021/11/01/1
http://www.openwall.com/lists/oss-security/2021/11/01/6
http://www.unicode.org/versions/Unicode14.0.0/
https://access.redhat.com/security/cve/CVE-2021-42694
https://cwe.mitre.org/data/definitions/1007.html
https://trojansource.codes
https://trojansource.codes/
https://www.kb.cert.org/vuls/id/999008
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://www.scyon.nl/post/trojans-in-your-source-code
https://www.unicode.org/reports/tr36/
https://www.unicode.org/reports/tr36/#Canonical_Represenation
https://www.unicode.org/reports/tr39/
libstdc++ CVE-2022-27943 MEDIUM 8.5.0-10.1.el8_6
Expand...https://access.redhat.com/security/cve/CVE-2022-27943
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039
https://sourceware.org/bugzilla/show_bug.cgi?id=28995
libstdc++ CVE-2018-20657 LOW 8.5.0-10.1.el8_6
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
libstdc++ CVE-2019-14250 LOW 8.5.0-10.1.el8_6
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html
http://www.securityfocus.com/bid/109354
https://access.redhat.com/security/cve/CVE-2019-14250
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
https://nvd.nist.gov/vuln/detail/CVE-2019-14250
https://security.gentoo.org/glsa/202007-39
https://security.netapp.com/advisory/ntap-20190822-0002/
https://ubuntu.com/security/notices/USN-4326-1
https://ubuntu.com/security/notices/USN-4336-1
https://ubuntu.com/security/notices/USN-4336-2
https://usn.ubuntu.com/4326-1/
https://usn.ubuntu.com/4336-1/
libtasn1 CVE-2018-1000654 LOW 4.13-3.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://access.redhat.com/security/cve/CVE-2018-1000654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://ubuntu.com/security/notices/USN-5352-1
libzstd CVE-2021-24032 LOW 1.4.4-1.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-24032
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032
https://github.com/facebook/zstd/issues/2491
https://nvd.nist.gov/vuln/detail/CVE-2021-24032
https://ubuntu.com/security/notices/USN-4760-1
https://www.facebook.com/security/advisories/cve-2021-24032
lz4-libs CVE-2019-17543 MEDIUM 1.8.3-3.el8_4
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html
https://access.redhat.com/security/cve/CVE-2019-17543
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941
https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2
https://github.com/lz4/lz4/issues/801
https://github.com/lz4/lz4/pull/756
https://github.com/lz4/lz4/pull/760
https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E
https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
ncurses-base CVE-2021-39537 MEDIUM 6.1-9.20180224.el8
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://access.redhat.com/security/cve/CVE-2021-39537
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39537
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2021-39537
https://ubuntu.com/security/notices/USN-5477-1
ncurses-base CVE-2018-19211 LOW 6.1-9.20180224.el8
Expand...https://access.redhat.com/security/cve/CVE-2018-19211
https://bugzilla.redhat.com/show_bug.cgi?id=1643754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19211
https://ubuntu.com/security/notices/USN-5477-1
ncurses-base CVE-2018-19217 LOW 6.1-9.20180224.el8
Expand...https://access.redhat.com/security/cve/CVE-2018-19217
https://bugzilla.redhat.com/show_bug.cgi?id=1643753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19217
https://lists.gnu.org/archive/html/bug-ncurses/2019-04/msg00020.html
ncurses-libs CVE-2021-39537 MEDIUM 6.1-9.20180224.el8
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://access.redhat.com/security/cve/CVE-2021-39537
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39537
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2021-39537
https://ubuntu.com/security/notices/USN-5477-1
ncurses-libs CVE-2018-19211 LOW 6.1-9.20180224.el8
Expand...https://access.redhat.com/security/cve/CVE-2018-19211
https://bugzilla.redhat.com/show_bug.cgi?id=1643754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19211
https://ubuntu.com/security/notices/USN-5477-1
ncurses-libs CVE-2018-19217 LOW 6.1-9.20180224.el8
Expand...https://access.redhat.com/security/cve/CVE-2018-19217
https://bugzilla.redhat.com/show_bug.cgi?id=1643753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19217
https://lists.gnu.org/archive/html/bug-ncurses/2019-04/msg00020.html
openssl-libs CVE-2022-1292 MEDIUM 1:1.1.1k-6.el8_5
Expand...https://access.redhat.com/security/cve/CVE-2022-1292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/
https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1292
https://security.netapp.com/advisory/ntap-20220602-0009/
https://ubuntu.com/security/notices/USN-5402-1
https://ubuntu.com/security/notices/USN-5402-2
https://www.debian.org/security/2022/dsa-5139
https://www.openssl.org/news/secadv/20220503.txt
openssl-libs CVE-2022-2068 MEDIUM 1:1.1.1k-6.el8_5
Expand...https://access.redhat.com/security/cve/CVE-2022-2068
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7
https://nvd.nist.gov/vuln/detail/CVE-2022-2068
https://ubuntu.com/security/notices/USN-5488-1
https://www.debian.org/security/2022/dsa-5169
https://www.openssl.org/news/secadv/20220621.txt
pcre2 CVE-2022-1586 MEDIUM 10.32-2.el8
Expand...https://access.redhat.com/security/cve/CVE-2022-1586
https://bugzilla.redhat.com/show_bug.cgi?id=2077976,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,
https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c
https://linux.oracle.com/cve/CVE-2022-1586.html
https://linux.oracle.com/errata/ELSA-2022-5251.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
https://nvd.nist.gov/vuln/detail/CVE-2022-1586
rpm CVE-2021-35937 MEDIUM 4.14.3-23.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-35937
rpm CVE-2021-35938 MEDIUM 4.14.3-23.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-35938
rpm CVE-2021-35939 MEDIUM 4.14.3-23.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-35939
rpm-libs CVE-2021-35937 MEDIUM 4.14.3-23.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-35937
rpm-libs CVE-2021-35938 MEDIUM 4.14.3-23.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-35938
rpm-libs CVE-2021-35939 MEDIUM 4.14.3-23.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-35939
sqlite-libs CVE-2019-19244 LOW 3.26.0-15.el8
Expand...https://access.redhat.com/security/cve/CVE-2019-19244
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244
https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348
https://ubuntu.com/security/notices/USN-4205-1
https://usn.ubuntu.com/4205-1/
https://www.oracle.com/security-alerts/cpuapr2020.html
sqlite-libs CVE-2019-9936 LOW 3.26.0-15.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://access.redhat.com/security/cve/CVE-2019-9936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/b3fa58dd7403dbd4
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
sqlite-libs CVE-2019-9937 LOW 3.26.0-15.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://access.redhat.com/security/cve/CVE-2019-9937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/45c73deb440496e8
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
systemd-libs CVE-2018-20839 MEDIUM 239-58.el8
Expand...http://www.securityfocus.com/bid/108389
https://access.redhat.com/security/cve/CVE-2018-20839
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
https://github.com/systemd/systemd/pull/12378
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.netapp.com/advisory/ntap-20190530-0002/
systemd-libs CVE-2021-3997 MEDIUM 239-58.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-3997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997
https://ubuntu.com/security/notices/USN-5226-1
https://www.openwall.com/lists/oss-security/2022/01/10/2

gobinary

No Vulnerabilities found