TrueChartsClone/charts/stable/organizr/security.md

54 KiB
Raw Blame History

hide
toc

Security Overview

Helm-Chart

Scan Results

Chart Object: organizr/templates/common.yaml

Type Misconfiguration ID Check Severity Explaination Links
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'RELEASE-NAME-organizr' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'autopermissions' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-organizr' of Deployment 'RELEASE-NAME-organizr' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'autopermissions' of Deployment 'RELEASE-NAME-organizr' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'RELEASE-NAME-organizr' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv012
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv012
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-organizr' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/misconfig/ksv014
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/misconfig/ksv014
Kubernetes Security Check KSV017 Privileged container HIGH
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.privileged' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/misconfig/ksv017
Kubernetes Security Check KSV020 Runs with low user ID LOW
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-organizr' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
Kubernetes Security Check KSV020 Runs with low user ID LOW
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
Kubernetes Security Check KSV021 Runs with low group ID LOW
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-organizr' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
Kubernetes Security Check KSV021 Runs with low group ID LOW
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-organizr' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
Kubernetes Security Check KSV030 Default Seccomp profile not set LOW
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.


Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
Kubernetes Security Check KSV030 Default Seccomp profile not set LOW
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.


Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
Kubernetes Security Check KSV105 Containers must not set runAsUser to 0 LOW
Expand... Containers should be forbidden from running with a root UID.


securityContext.runAsUser should be set to a value greater than 0
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv105
Kubernetes Security Check KSV105 Containers must not set runAsUser to 0 LOW
Expand... Containers should be forbidden from running with a root UID.


securityContext.runAsUser should be set to a value greater than 0
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv105
Kubernetes Security Check KSV106 Container capabilities must only include NET_BIND_SERVICE LOW
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.


container should drop all
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106
Kubernetes Security Check KSV106 Container capabilities must only include NET_BIND_SERVICE LOW
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.


container should drop all
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106

Containers

Detected Containers
      tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
      tccr.io/truecharts/organizr:latest@sha256:96480dd4af2fe39608da37c463a03e8d48fd4431a543250cf496a7941e0d3904
Scan Results

Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)

alpine

No Vulnerabilities found

Container: tccr.io/truecharts/organizr:latest@sha256:96480dd4af2fe39608da37c463a03e8d48fd4431a543250cf496a7941e0d3904 (alpine 3.15.2)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
apache2-utils CVE-2022-28615 CRITICAL 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/9
https://access.redhat.com/security/cve/CVE-2022-28615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615
https://security.netapp.com/advisory/ntap-20220624-0005/
https://ubuntu.com/security/notices/USN-5487-1
https://ubuntu.com/security/notices/USN-5487-2
https://ubuntu.com/security/notices/USN-5487-3
https://www.openwall.com/lists/oss-security/2022/06/08/9
apache2-utils CVE-2022-31813 CRITICAL 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/8
https://access.redhat.com/security/cve/CVE-2022-31813
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
https://github.com/apache/httpd/pull/320
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813
https://security.netapp.com/advisory/ntap-20220624-0005/
https://ubuntu.com/security/notices/USN-5487-1
https://ubuntu.com/security/notices/USN-5487-2
https://ubuntu.com/security/notices/USN-5487-3
https://www.openwall.com/lists/oss-security/2022/06/08/8
apache2-utils CVE-2022-26377 HIGH 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/2
https://access.redhat.com/security/cve/CVE-2022-26377
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377
https://security.netapp.com/advisory/ntap-20220624-0005/
https://ubuntu.com/security/notices/USN-5487-1
https://ubuntu.com/security/notices/USN-5487-2
https://ubuntu.com/security/notices/USN-5487-3
https://www.openwall.com/lists/oss-security/2022/06/08/2
apache2-utils CVE-2022-29404 HIGH 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/5
https://access.redhat.com/security/cve/CVE-2022-29404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404
https://security.netapp.com/advisory/ntap-20220624-0005/
https://ubuntu.com/security/notices/USN-5487-1
https://ubuntu.com/security/notices/USN-5487-2
https://ubuntu.com/security/notices/USN-5487-3
https://www.openwall.com/lists/oss-security/2022/06/08/5
apache2-utils CVE-2022-30522 HIGH 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/6
https://access.redhat.com/security/cve/CVE-2022-30522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522
https://security.netapp.com/advisory/ntap-20220624-0005/
https://ubuntu.com/security/notices/USN-5487-1
https://ubuntu.com/security/notices/USN-5487-2
https://ubuntu.com/security/notices/USN-5487-3
https://www.openwall.com/lists/oss-security/2022/06/08/6
apache2-utils CVE-2022-30556 HIGH 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/7
https://access.redhat.com/security/cve/CVE-2022-30556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556
https://security.netapp.com/advisory/ntap-20220624-0005/
https://ubuntu.com/security/notices/USN-5487-1
https://ubuntu.com/security/notices/USN-5487-2
https://ubuntu.com/security/notices/USN-5487-3
https://www.openwall.com/lists/oss-security/2022/06/08/7
apache2-utils CVE-2022-28330 MEDIUM 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/3
https://access.redhat.com/security/cve/CVE-2022-28330
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28330
https://security.netapp.com/advisory/ntap-20220624-0005/
apache2-utils CVE-2022-28614 MEDIUM 2.4.53-r0 2.4.54-r0
Expand...http://www.openwall.com/lists/oss-security/2022/06/08/4
https://access.redhat.com/security/cve/CVE-2022-28614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614
https://security.netapp.com/advisory/ntap-20220624-0005/
https://ubuntu.com/security/notices/USN-5487-1
https://ubuntu.com/security/notices/USN-5487-2
https://ubuntu.com/security/notices/USN-5487-3
https://www.openwall.com/lists/oss-security/2022/06/08/4
apr CVE-2021-35940.patch UNKNOWN 1.7.0-r0 1.7.0-r1
Expand...
busybox CVE-2022-28391 CRITICAL 1.34.1-r4 1.34.1-r5
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
curl CVE-2022-22576 HIGH 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://hackerone.com/reports/1526328
https://nvd.nist.gov/vuln/detail/CVE-2022-22576
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27775 HIGH 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://hackerone.com/reports/1546268
https://nvd.nist.gov/vuln/detail/CVE-2022-27775
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27774 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://hackerone.com/reports/1543773
https://nvd.nist.gov/vuln/detail/CVE-2022-27774
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
curl CVE-2022-27776 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://hackerone.com/reports/1547048
https://nvd.nist.gov/vuln/detail/CVE-2022-27776
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
git CVE-2022-24765 HIGH 2.34.1-r0 2.34.2-r0
Expand...http://seclists.org/fulldisclosure/2022/May/31
http://www.openwall.com/lists/oss-security/2022/04/12/7
https://access.redhat.com/security/cve/CVE-2022-24765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode
https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
https://support.apple.com/kb/HT213261
https://ubuntu.com/security/notices/USN-5376-1
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-3
libcurl CVE-2022-22576 HIGH 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-22576
https://curl.se/docs/CVE-2022-22576.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://hackerone.com/reports/1526328
https://nvd.nist.gov/vuln/detail/CVE-2022-22576
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27775 HIGH 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27775
https://curl.se/docs/CVE-2022-27775.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://hackerone.com/reports/1546268
https://nvd.nist.gov/vuln/detail/CVE-2022-27775
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27774 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27774
https://curl.se/docs/CVE-2022-27774.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://hackerone.com/reports/1543773
https://nvd.nist.gov/vuln/detail/CVE-2022-27774
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
libcurl CVE-2022-27776 MEDIUM 7.80.0-r0 7.80.0-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-27776
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
https://hackerone.com/reports/1547048
https://nvd.nist.gov/vuln/detail/CVE-2022-27776
https://security.netapp.com/advisory/ntap-20220609-0008/
https://ubuntu.com/security/notices/USN-5397-1
libldap CVE-2022-29155 CRITICAL 2.6.0-r0 2.6.2-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-29155
https://bugs.openldap.org/show_bug.cgi?id=9815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29155
https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html
https://nvd.nist.gov/vuln/detail/CVE-2022-29155
https://security.netapp.com/advisory/ntap-20220609-0007/
https://ubuntu.com/security/notices/USN-5424-1
https://ubuntu.com/security/notices/USN-5424-2
https://www.debian.org/security/2022/dsa-5140
libxml2 CVE-2022-29824 MEDIUM 2.9.13-r0 2.9.14-r0
Expand...http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html
https://access.redhat.com/security/cve/CVE-2022-29824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
https://gitlab.gnome.org/GNOME/libxslt/-/tags
https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
https://nvd.nist.gov/vuln/detail/CVE-2022-29824
https://ubuntu.com/security/notices/USN-5422-1
https://www.debian.org/security/2022/dsa-5142
logrotate CVE-2022-1348 MEDIUM 3.18.1-r1 3.18.1-r2
Expand...http://www.openwall.com/lists/oss-security/2022/05/25/3
http://www.openwall.com/lists/oss-security/2022/05/25/4
http://www.openwall.com/lists/oss-security/2022/05/25/5
https://access.redhat.com/security/cve/CVE-2022-1348
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1348
https://github.com/logrotate/logrotate/blame/master/logrotate.c#L3015-L3017
https://github.com/logrotate/logrotate/commit/f46d0bdfc9c53515c13880c501f4d2e1e7dd8b25
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7EHGYRE6DSFSBXQIWYDGTSXKO6IFSJQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYEB4F37BY6GLEJKP2EPVAVQ6TA3HQKR/
https://nvd.nist.gov/vuln/detail/CVE-2022-1348
https://ubuntu.com/security/notices/USN-5447-1
pcre2 CVE-2022-1586 CRITICAL 10.39-r0 10.40-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-1586
https://bugzilla.redhat.com/show_bug.cgi?id=2077976,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,
https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
https://nvd.nist.gov/vuln/detail/CVE-2022-1586
pcre2 CVE-2022-1587 CRITICAL 10.39-r0 10.40-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-1587
https://bugzilla.redhat.com/show_bug.cgi?id=2077983,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587
https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/
https://nvd.nist.gov/vuln/detail/CVE-2022-1587
ssl_client CVE-2022-28391 CRITICAL 1.34.1-r4 1.34.1-r5
Expand...https://access.redhat.com/security/cve/CVE-2022-28391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
xz-libs CVE-2022-1271 HIGH 5.2.5-r0 5.2.5-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-1271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
https://errata.almalinux.org/8/ALSA-2022-1537.html
https://linux.oracle.com/cve/CVE-2022-1271.html
https://linux.oracle.com/errata/ELSA-2022-5052.html
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
https://ubuntu.com/security/notices/USN-5378-1
https://ubuntu.com/security/notices/USN-5378-2
https://ubuntu.com/security/notices/USN-5378-3
https://ubuntu.com/security/notices/USN-5378-4
https://www.openwall.com/lists/oss-security/2022/04/07/8
zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0
Expand...http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://errata.almalinux.org/8/ALSA-2022-2201.html
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://linux.oracle.com/cve/CVE-2018-25032.html
https://linux.oracle.com/errata/ELSA-2022-2213.html
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://security.netapp.com/advisory/ntap-20220526-0009/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://ubuntu.com/security/notices/USN-5359-2
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3